...ame for each "subsection" of the ps command. I want to be able to make a graph of each "proc" to show their cpu and memory usage over time. The processes will be in a random order. I have the time l...
I'm working to deploy Splunk in an HPC environment and am trying to set up some metrics queries that I didn't see in the Splunk for *nix app. Specifically I'd like have a timechart that show cpu util...
We get an alert from sourcetype=ps as a result of running this save search: (authentication failure) OR (Account * too many attempts) OR (Failed password) startminutesago=5
We turned off the *n...
I have Splunk_TA_nix installed and ps.sh enabled on my Apache storm nimbus instances. I can run a general ps sourcetype query on a service I know should always be running like rhnsd and get e...
Hello!
I'm trying to calculate values based on deltas of ps fields, grouped by PID - ie, I want to refer to the previous timestamp but for the same PID. Obviously there are many PIDs listed for e...
I've recently installed Splunk_TA_nix and started using the "ps" script. The data is ingested into my ES. However it is not translated into CIM Endpoint.Processes object, because it lacks "r...
...he TA_nix ps sourcetype. The rub is that it's for a two node cluster, so when one host is down and the other one is still up then the cluster as a whole is still up, and that's what they want..
A...
I have setup a splunk server and one lightforwarder client. This is configured to send the output of ps every 30 seconds to the server.
On our applications servers, I can easily count the number o...
Once installing Twilio and perimeter security to my machine with my Splunk enterprise, what do I do to configure perimeter security? There's no real guide on what to do afterward.