Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Unix / Linux Addon

corina_kolb
Engager
‎02-24-2021 10:52 PM

Hello,

in many linux versions the comman netstat is now deprecated. Now you have the problem to use the sourcetype netstat within the Linux/Unix Addon in Splunk. Is there a possibility to use another command, e.g. ss instead of netstat in future as sourcetype? Many thanks in advance.

Labels (1)
Labels
0 Karma
Reply

dave_null
Path Finder
‎03-05-2021 02:48 AM

Are you talking about this app? https://splunkbase.splunk.com/app/273/

 

If you have access to the app config files, you should be able to swap the netstat command with "ss," though I couldn't tell you exactly how without knowing which app you are referring to.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...