Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Unix server Apache instences monitering

marellasunil
Communicator
‎03-08-2013 02:42 AM

How to moniter apache instance of a Unix server in splunk.
There are 10 apache instances running every time in Unix server. and my idea is to check whether it is up or down through Splunk.
Can anybody suggest me.
I have a code to run manullay in Server as well
Name : apache_serv
If I run "apache_serv resident all", it list down all the apache instances.

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

bmacias84
Champion
‎03-08-2013 10:32 AM

Hello,
I am not sure how familiar you are will script inputs or what your deployment process. This is my thought is to create a script input. I assume that apache_serv is a perl, bash, python or some kind of script. If so I would create a .sh file to be ran using splunk script input method. Splunk will then read the output from your command.

Going a little further I would create a Technology Add-on (TA) and deploy it via the Deployment Server.

myApacheInstances.sh



#!/bin/bash

/bin/<script_location>/ apache_serv resident all

done

If I created a TA this call apache_default

Outputs.conf



[script://$SPLUNK_HOME/apache_default/bin/myApacheInstance.sh] 

index = <myIndex>

source = myApacheInstances.sh

sourcetype = <mySourceType>

#My interval for collection

interval = 0 0 * * *

Additional Reading:

Setupcustominputs

CreatingaTechnologyAdd-on

Hope this helps or gets you started. Dont forget to thumbs up and/or accept answers.

Cheers

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

bmacias84
Champion
‎03-08-2013 10:32 AM

Hello,
I am not sure how familiar you are will script inputs or what your deployment process. This is my thought is to create a script input. I assume that apache_serv is a perl, bash, python or some kind of script. If so I would create a .sh file to be ran using splunk script input method. Splunk will then read the output from your command.

Going a little further I would create a Technology Add-on (TA) and deploy it via the Deployment Server.

myApacheInstances.sh



#!/bin/bash

/bin/<script_location>/ apache_serv resident all

done

If I created a TA this call apache_default

Outputs.conf



[script://$SPLUNK_HOME/apache_default/bin/myApacheInstance.sh] 

index = <myIndex>

source = myApacheInstances.sh

sourcetype = <mySourceType>

#My interval for collection

interval = 0 0 * * *

Additional Reading:

Setupcustominputs

CreatingaTechnologyAdd-on

Hope this helps or gets you started. Dont forget to thumbs up and/or accept answers.

Cheers

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 2 releases of new security content via the ...

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We are happy to announce the 20 lucky questers who are selected to be the first round of Champion's Tribute ...

We’ve Got Education Validation!

Are you feeling it? All the career-boosting benefits of up-skilling with Splunk? It’s not just a feeling, it's ...