Re: Splunk *nix app- Not getting the processes in ...

sujanaskumar · ‎01-08-2018

The *nix app is retrieving the process (sshd, httpd etc) details running on the unix/linux servers. However, few processes are not running (on few servers) for quite long time and its not retrieving those events. Is this the issue with the line count post 256 getting omitted . Does it help in anyway if i try to change the ulimit values . Please help with this.

afamoyib · ‎01-09-2018

Did you get a chance to review the splunkd logs for any errors or things of that nature. If the interval time is setup on the input file with the exact time you want in seconds. That would be the next place to look at

sujanaskumar · ‎01-09-2018

Yes, its the ps.sh script getting data every 2 miuntes . Getting events from other servers and same processes, but from few other server for some processes, the events are missing. How to check this. No errors in the logs. Seems like its a miss happening at the client side. But not sure how to check this. Can adding CRCSalt= helps to fix this?

Splunk *nix app- Not getting the processes in a specific interval

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

May 2026 Splunk Expert Sessions: Security & Observability

Network to App: Observability Unlocked [May & June Series]

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Join the Conversation