Installation

How to install Raspberry Pi sending info from an ultrasonic sensor to a laptop using Splunk?

CCHS
Explorer

I'm a novice when it comes to working with Raspberry Pi's and Splunk. Trying to send information from an ultrasonic sensor to a laptop using Splunk. I have downloaded Splunk onto my laptop and have it up and running. I have then downloaded Splunk on the Raspberry Pi, but don't know how to install it. I have been using this page to set everything up. http://blogs.splunk.com/2013/10/21/how-to-splunk-data-from-a-raspberry-pi-three-easy-steps/
Can somebody help?

Labels (1)

emixam3
Explorer

HI!
Anything works for me. I tried the three steps procedure, the guilmxm's steps, but nothing matched. I see a connection between my raspberry and my indexers (with tcpdump on port 9997), but nothing in splunk.

0 Karma

guilmxm
Influencer

You seem to be looking for an example of use of Forwarders and Splunk, and your Pi to finally send the data you need from your Pi to Splunk

Here is one that should help you understanding how all this works, then to adapt this to your needs

  • Download the Pi forwarder version:

http://apps.splunk.com/app/1611/

  • Upload in it, extract and install (let's say /tmp/)

gunzip -v /tmp/forwarder-for-linux-arm-raspberry-pi_10.tgz
cd /opt/
sudo tar -xvf /tmp/forwarder-for-linux-arm-raspberry-pi_10.tar
cd splunkforwarder/
sudo bin/splunk enable boot-start
sudo bin/splunk start

  • In your Splunk instance, install the nmon App:

https://apps.splunk.com/app/1753/

Depending the system you are running on, you can also activate local monitoring, but this is not the sujbect here

In your Splunk instance, activate network data receiving:

/opt/splunk/bin/splunk enable listen 9997

  • Upload the TA-nmon App located in "resources" directory to your Raspberry Pi
  • In your Raspberry Pi:

cd /opt/splunkforwarder/etc/apps/
tar -xvzf /tmp/TA-nmon*.tar.gz

Create an outputs.conf to configure sending data from your client to your server:

edit /opt/splunkforwarder/TA-nmon/local/outputs.conf

Example of simple configuration:

[tcpout]
defaultGroup = default-autolb-group

[tcpout:default-autolb-group]
server = mysplunk-server:9997

[tcpout-server://mysplunk-server:9997]

And finally restart the forwarder:

sudo /opt/splunkforwarder/bin/splunk restart

Upon a few minutes, you should begin to receive data from to your Pi to the nmon App in your Splunk instance.

I voluntary did not mention deployment server or advanced features to keep it simple, but in your read the Help page within the Nmon App, you will find scenarios where all these steps are described in details.

anortrup
Explorer

I downvoted this post because the link does not go to an article.

0 Karma

ChrisG
Splunk Employee
Splunk Employee

Did you download Splunk or the universal forwarder to your Raspberry Pi? They are different packages. The instructions in the blog (that link to http://docs.splunk.com/Documentation/Storm/Storm/User/Setupauniversalforwarderonnix) should work.

sloshburch
Splunk Employee
Splunk Employee

Building on @chrisG's post, the app's documentation points to some installation instructions: https://splunkbase.splunk.com/app/1611/#/documentation

0 Karma

ChrisG
Splunk Employee
Splunk Employee

Yes, you need to install it from the command line in a terminal. See http://docs.splunk.com/Documentation/Storm/latest/User/Setupauniversalforwarderonnix#Install_the_for....

CCHS
Explorer

I don't know how to install the Universal Forwarder after downloading it. Do I need to run a command in LX Terminal or do something else?

0 Karma

ChrisG
Splunk Employee
Splunk Employee

Are you following the instructions in the link for setting up a universal forwarder? I am confused about exactly where you are running into trouble.

0 Karma

CCHS
Explorer

I downloaded the Universal Forwarder but don't know what to do from there.

0 Karma

CCHS
Explorer

Can anyone help? I just need to know how to install it after downloading it.

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...