I have 2 questions:
suppose I have a "192.168.1.1" IP. How do I check the connectivity through Splunk?
overall, I want to know how many URL requests have been done to a server(IP I mentioned in 1st Question) specific URL requests, not just all of them.
So, I have a command that shows a total number of hits.
So, I need you to configure Splunk in a way that it logs into a server, runs the command and gets the number of that URL hits. Stores it for the server, and if I look at the hourly graph, I’ll see hourly stats, and if I look at the daily graph, I’ll see a graph in daily hits summary.
For number 2, why not have the script output the metrics to a file and have the Splunk universal forwarder installed on the host, watching the file?
For number 2, why not have the script output the metrics to a file and have the Splunk universal forwarder installed on the host, watching the file?
I don’t want to feed splunk with gigs of useless data
all I need is for the splunk to login to server, run the command and get the number back.
can I do that without UF s well ?
You wouldn’t be feeding gigs of useless data into Splunk. Run a script that outputs the number of URL hits to a file, and have the universal forwarder only watching that file. You would only be sending the data in that file to Splunk.
so you saying its not possible to login to any linux server sitting on splunk UI to perform any command but we do have other way to do that by installing UF on host.
is there any other possible way instead installing universal forwarder to access that file or something else?
If you really don’t want to install a universal forwarder on your Linux server, you could transfer the file over to an intermediary forwarder via SCP, rsync, TCP, etc., however that’s just adding an extra step to the process.
Thanks appreciate.
I will have around 35 hosts
each host will generate 2 files each hour: jp_hits_404.txt and jp_hits_200.txt
each file will contain a single number in text format, like “105” or “284"
what do you think i can do
and also can user get the intermedatory forwarder ip sitting on splunk UI??
what is we are not even admin and dont have access to backend juss have access to splunk UI.
how do you think we can solve this
all I need is for the splunk to login to server, run the command and get the number back.
this are the two commands i wanted to run on that server.
/home/splunkfetcher/getURIcount.sh 200
/home/splunkfetcher/getURIcount.sh 404
thanks