Splunk IT Service Intelligence
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How can I get Splunk Add-on for Unix data show up in Splunk IT Service Intelligence (ITSI) dashboards?

hylam
Contributor
‎09-10-2015 01:02 AM

The events from the Splunk Add-on for Unix and Linux conforms to CIM. How can I get anything to show in the ITSI dashboards? Thx.

0 Karma
Reply

jbailey_splunk
Splunk Employee
Splunk Employee
‎10-12-2015 07:09 AM

You can build this in one of two ways in ITSI through KPI's:

1) Use the Data Model option when creating a new KPI, or
2) Use the AdHoc Search option and specifically build your KPI on a search that utilizes your Unix/Linux Add-on data

Hope this helps!

0 Karma
Reply

badrinath_itrs
Communicator
‎10-11-2015 04:49 AM

Please create a service using configure option in ITSI and select the existing OS data model as KPI . This will add all the OS related KPI to the Service and you can either choose a Glass Table or Service analyzer screen to monitor.

0 Karma
Reply

jcoates_splunk
Splunk Employee
Splunk Employee
‎10-10-2015 03:34 PM

the answer depends on the dashboard...

0 Karma
Reply

hylam
Contributor
‎10-11-2015 01:55 AM

Can u plz give 1 example?

0 Karma
Reply

hylam
Contributor
‎10-10-2015 04:36 PM

Plz elaborate

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 2 releases of new security content via the ...

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We are happy to announce the 20 lucky questers who are selected to be the first round of Champion's Tribute ...

We’ve Got Education Validation!

Are you feeling it? All the career-boosting benefits of up-skilling with Splunk? It’s not just a feeling, it's ...