Deployment Architecture

Linux Scripting

hi all,
i need to monitor process on linux servers. normlly i use ps -ef | grep java to see if my procees arae running. i need to implement this in splunk. can some one help on what should i put on the file to get the result of this command on my splunk?
I am using RHEL. version varies from server to server.

Tags (3)
0 Karma

New Member

is there any update for this ?
I also trying to attempt this but its not working.

0 Karma


You should be able to put exactly the same thing into your file:

ps -ef | grep java

and create a scripted input in the Splunk Manager to run the script.

If you want to see a more sophisticated version of a scripted input, you could install the *NIX Splunk app and take a look at its script, which does some editing of the header lines.

More info here

Here is a very simple that should work for most flavors of Linux:

ps -ef | grep java

Make sure that is executable (chmod +x Put the script in an appropriate directory and then set up a scripted input in the Splunk Manager. In the scripted input, specify the absolute path to the script.

0 Karma


Okay, that means that your Linux does not support all of the options that were used in the script.

I would do man ps and look at the script to see which option might be causing the problem, and remove it. Or maybe there was a typo in one of the ps commands.

Of course, the problem might be in one of the other commands instead.

I will update my answer with a very simple script that should work.

0 Karma

i did this. i changed the already existing commands in the nested if structure of the file that comes with *NIX app to ps-ef | grep and i tried to execute the file on the linux server itself by typing ./
upon doing this i got the following error:

[karthik.balakrishnan@vtormftqa01 bin]$ ./
ERROR: Unsupported SysV option.

0 Karma