Monitoring Splunk

How to monitor CPU utilization using splunk

Communicator

Hi,

I want to get information about CPU utilization by splunk server.Is there any query for this or i need to write any external script for this.So that splunk can index that file and show it in dashboard.Please guide me.

Thanks,

Tags (4)
0 Karma

Path Finder

okay i read the splunk for nix docs a little closer and found the answer to my own question. never mind.

Explorer

I downvoted this post because doesn't provide valuable input

Communicator

Iam asking for both windows 64 and unix too

0 Karma

SplunkTrust
SplunkTrust

I would recommend you look at the already-existing "Splunk for *Nix" and "Splunk for Windows" apps, both of which do this already for common operating systems.

http://splunk-base.splunk.com/apps/22315/splunk-app-for-windows

http://splunk-base.splunk.com/apps/22314/splunk-for-unix-and-linux

If by some incredible misfortune these do not support the system you are trying to collect from, they would still be good jumping-off points for learning how to support the same thing for your own systems.

Also, both of these are "Splunk Supported" meaning that if you have Enterprise support you can submit enhancement requests against them and be able to get Splunk themselves to work on improvements. http://splunk-base.splunk.com/answers/4844/how-can-i-submit-an-enhancement-request

Path Finder

okay i read the splunk for nix docs a little closer and found the answer to my own question. never mind.

0 Karma

Path Finder

found this answer, and it got me part way to what i wanted. I installed splunk-app-for-unix on my indexer and splunk-add-on-for-unix on each of my two universal fowarders. those forwarders have been working (sending other application data) for some time. however, after installing what i expected to be this OS status app, the splunk app for unix windows shows data for the indexer only. the other two hosts don't appear. regular search shows that pertinent data are coming across, so what have misconfigured? haven't found a button in the app-for-unix to tell it use other hosts' data.

0 Karma

Motivator

what OS your splunk is running?

0 Karma