Solved: Re: login to server run a command and get the numb...

splunkuseradmin · ‎03-22-2019

I have 2 questions:

suppose I have a "192.168.1.1" IP. How do I check the connectivity through Splunk?
overall, I want to know how many URL requests have been done to a server(IP I mentioned in 1st Question) specific URL requests, not just all of them.

So, I have a command that shows a total number of hits.

So, I need you to configure Splunk in a way that it logs into a server, runs the command and gets the number of that URL hits. Stores it for the server, and if I look at the hourly graph, I’ll see hourly stats, and if I look at the daily graph, I’ll see a graph in daily hits summary.

ehowardl3 · ‎03-22-2019

For number 2, why not have the script output the metrics to a file and have the Splunk universal forwarder installed on the host, watching the file?

View solution in original post

ehowardl3 · ‎03-22-2019

For number 2, why not have the script output the metrics to a file and have the Splunk universal forwarder installed on the host, watching the file?

splunkuseradmin · ‎03-22-2019

I don’t want to feed splunk with gigs of useless data
all I need is for the splunk to login to server, run the command and get the number back.

can I do that without UF s well ?

ehowardl3 · ‎03-22-2019

You wouldn’t be feeding gigs of useless data into Splunk. Run a script that outputs the number of URL hits to a file, and have the universal forwarder only watching that file. You would only be sending the data in that file to Splunk.

splunkuseradmin · ‎03-22-2019

so you saying its not possible to login to any linux server sitting on splunk UI to perform any command but we do have other way to do that by installing UF on host.

is there any other possible way instead installing universal forwarder to access that file or something else?

ehowardl3 · ‎03-23-2019

If you really don’t want to install a universal forwarder on your Linux server, you could transfer the file over to an intermediary forwarder via SCP, rsync, TCP, etc., however that’s just adding an extra step to the process.

splunkuseradmin · ‎03-23-2019

Thanks appreciate.

splunkuseradmin · ‎03-26-2019

I will have around 35 hosts

each host will generate 2 files each hour: jp_hits_404.txt and jp_hits_200.txt
each file will contain a single number in text format, like “105” or “284"

what do you think i can do

splunkuseradmin · ‎03-26-2019

and also can user get the intermedatory forwarder ip sitting on splunk UI??
what is we are not even admin and dont have access to backend juss have access to splunk UI.

how do you think we can solve this

splunkuseradmin · ‎03-22-2019

all I need is for the splunk to login to server, run the command and get the number back.

splunkuseradmin · ‎03-22-2019

this are the two commands i wanted to run on that server.

/home/splunkfetcher/getURIcount.sh 200
/home/splunkfetcher/getURIcount.sh 404
thanks

login to server run a command and get the number back to store it

Fueling your curiosity with new Splunk ILT and eLearning courses

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Unleash Unified Security and Observability with Splunk Cloud Platform