Activity Feed
- Got Karma for Re: Splunk App for Unix and Linux: How to check splunkd.log why I can't I add a forwarder client in splunk GUI after installing a forwarder?. 06-05-2020 12:47 AM
- Got Karma for I am new for splunk application. working as a unix system administrator. can i know what are the basic functions of splunk?. 06-05-2020 12:47 AM
- Got Karma for Difference between Splunk app and splunk add-on and universal forwarder?. 06-05-2020 12:47 AM
- Got Karma for How to deploy Splunk on AIX/Unix servers for server performance monitoring?. 06-05-2020 12:47 AM
- Posted Re: Can I get search script to filter only errpt errors? on Splunk Search. 02-06-2015 06:58 AM
- Posted Can I get search script to filter only errpt errors? on Splunk Search. 02-05-2015 01:30 PM
- Tagged Can I get search script to filter only errpt errors? on Splunk Search. 02-05-2015 01:30 PM
- Posted Re: how to find out file systems are using more than 90% space in unix servers? on Alerting. 02-04-2015 07:38 AM
- Posted how to find out file systems are using more than 90% space in unix servers? on Alerting. 02-04-2015 06:02 AM
- Tagged how to find out file systems are using more than 90% space in unix servers? on Alerting. 02-04-2015 06:02 AM
- Posted Re: NMON Performance Monitor for Unix and Linux Systems: Why am I not seeing the forwarder client in the GUI? on All Apps and Add-ons. 02-03-2015 06:16 AM
- Posted Re: Splunk App for Unix and Linux: How to check splunkd.log why I can't I add a forwarder client in splunk GUI after installing a forwarder? on All Apps and Add-ons. 02-03-2015 06:10 AM
- Posted Re: NMON Performance Monitor for Unix and Linux Systems: Why am I not seeing the forwarder client in the GUI? on All Apps and Add-ons. 02-02-2015 12:37 PM
- Posted Re: how to install forwarder add-on on unix/AIX servers? on Getting Data In. 02-02-2015 12:28 PM
- Posted how to install forwarder add-on on unix/AIX servers? on Getting Data In. 02-02-2015 11:47 AM
- Tagged how to install forwarder add-on on unix/AIX servers? on Getting Data In. 02-02-2015 11:47 AM
02-06-2015
06:58 AM
Yes, but I am getting 2 duplicate results for each error,
Time Event
2/5/15
4:09:15.000 PM
Feb 5 16:09:15 bhx26 user:notice root: Msg from Error Log: --------------------------------------------------------------------------- LABEL: OPMSG IDENTIFIER: AA8AB241 Date/Time: Thu Feb 5 16:09:15 EST 2015 Sequence Number: 387 Machine Id: 00C463C74C00 Node Id: bhx26 Class: O Type: TEMP WPAR: Global Resource Name: OPERATOR Description OPERATOR NOTIFICATION User Causes ERRLOGGER COMMAND Recommended Actions REVIEW DETAILED DATA Detail Data MESSAGE FROM ERRLOGGER COMMAND this is a test
host = Host name source = /var/adm/syslog/syslog.log sourcetype = syslog-2
2/5/15
4:09:15.000 PM
Feb 5 16:09:15 bhx26 user:notice root: Msg from Error Log: --------------------------------------------------------------------------- LABEL: OPMSG IDENTIFIER: AA8AB241 Date/Time: Thu Feb 5 16:09:15 EST 2015 Sequence Number: 387 Machine Id: 00C463C74C00 Node Id: bhx26 Class: O Type: TEMP WPAR: Global Resource Name: OPERATOR Description OPERATOR NOTIFICATION User Causes ERRLOGGER COMMAND Recommended Actions REVIEW DETAILED DATA Detail Data MESSAGE FROM ERRLOGGER COMMAND this is a test
host = Host name source = /var/adm/syslog/syslog.log sourcetype = syslog-2
02-05-2015
01:30 PM
I am getting the below output when I am searching in syslog. I want to filter only the Error Log messages given below.
search :source="/var/adm/syslog/syslog.log" | multikv |
Time Event
2/5/15
4:09:15.000 PM
Feb 5 16:09:15 bhx26 user:notice root: Msg from Error Log: --------------------------------------------------------------------------- LABEL: OPMSG IDENTIFIER: AA8AB241 Date/Time: Thu Feb 5 16:09:15 EST 2015 Sequence Number: 387 Machine Id: 00C463C74C00 Node Id: bhx26 Class: O Type: TEMP WPAR: Global Resource Name: OPERATOR Description OPERATOR NOTIFICATION User Causes ERRLOGGER COMMAND Recommended Actions REVIEW DETAILED DATA Detail Data MESSAGE FROM ERRLOGGER COMMAND this is a test
host = Host name source = /var/adm/syslog/syslog.log sourcetype = syslog-2
2/5/15
4:09:15.000 PM
Feb 5 16:09:15 bhx26 user:notice root: Msg from Error Log: --------------------------------------------------------------------------- LABEL: OPMSG IDENTIFIER: AA8AB241 Date/Time: Thu Feb 5 16:09:15 EST 2015 Sequence Number: 387 Machine Id: 00C463C74C00 Node Id: bhx26 Class: O Type: TEMP WPAR: Global Resource Name: OPERATOR Description OPERATOR NOTIFICATION User Causes ERRLOGGER COMMAND Recommended Actions REVIEW DETAILED DATA Detail Data MESSAGE FROM ERRLOGGER COMMAND this is a test
host = Host name source = /var/adm/syslog/syslog.log sourcetype = syslog-2
2/5/15
4:09:03.000 PM
Feb 5 16:09:03 bhx26 auth|security:debug sshd[14155806]: debug3: fd 8 is O_NONBLOCK
host = Host name source = /var/adm/syslog/syslog.log sourcetype = syslog-2
2/5/15
4:09:03.000 PM
Feb 5 16:09:03 bhx26 auth|security:debug sshd[14155806]: debug2: fd 11 setting O_NONBLOCK
host = Host name source = /var/adm/syslog/syslog.log sourcetype = syslog-2
2/5/15
4:09:03.000 PM
Feb 5 16:09:03 bhx26 auth|security:debug sshd[14155806]: debug2: channel 0: rfd 11 isatty
02-04-2015
07:38 AM
Thank you I got it now...
02-04-2015
06:02 AM
I ran the below script, but it is not working.
sourcetype=df | multikv | dedup host,Filesystem | rex field=UsePct "(?<usage>\d+)" | where usage>50 | eval _raw="Filesystem "+Filesystem+" (mount point "+MountedOn+") on host "+host+" is "+UsePct+" full!" | fields - *
02-03-2015
06:16 AM
I cannot see any contact option to contact you by mail here..
02-03-2015
06:10 AM
yes, I have nmon in my server.
02-02-2015
12:37 PM
Oh ok.. Now I am able to get Nmon data. I want to configure email alerts for CPU usage ( >95), mem, disk, network and file system alerts in mail. Do you have any procedure to get email alerts?
02-02-2015
12:28 PM
Thanks for your reply. I am trying to install the forwarder on a Unix/AIX server, but when I checked in Splunk Web - Settings - Forwarder management, no client is showing. I want to monitor CPU, memory, disk and network usage; once it exceeds the threshold value, it should trigger a mail to us. I am planning to implement this on AIX/UNIX. Please let me know if you need more information.
02-02-2015
11:16 AM
Thanks, I have gone through all your procedure, but I cannot see the forwarder client in the "splunk app for UNIX" app. When I select this I can only see the server instance, no clients.
02-02-2015
08:50 AM
Thank you for your response. We want to monitor AIX file system usage (threshold 95%) and CPU usage (%), mem usage (%), disk usage (%). If their utilization exceeds the threshold, then we want to alert by mail. Please let us know if you need more details.
02-02-2015
08:28 AM
We want to monitor
AIX file system usage (threshold 95%)
CPU usage (%)
mem usage (%)
disk usage (%)
If their utilization exceeds the threshold, then we want to alert by mail. Please let us know if you need more details.
01-28-2015
01:41 PM
Hi, I am not able to get the exact settings for this. Can you share any link to configure props.conf?
01-28-2015
10:42 AM
I am not seeing the forwarder client in the Splunk nmon GUI, but the server is connected to the client. Checked with netstat in the Unix/AIX environment.
01-27-2015
12:29 PM
1 Karma
I have already done these steps, but I cannot see the forwarder client in Splunk Web.
01-27-2015
11:27 AM
logfiles: splunkd.log
forwarder side:
01-27-2015 14:12:44.726 -0500 ERROR ArchiveContext - archive writer failure: errno=Broken pipe
01-27-2015 14:12:44.726 -0500 ERROR ArchiveContext - From archive='/opt/splunkforwarder/etc/apps/TA-nmon/var/nmon_repository/bhcx27_150127_1357.nmon': python: A file or directory in the path name does not exist.
central splunk:
01-27-2015 14:14:32.170 -0500 ERROR ExecProcessor - message from "/opt/splunk/etc/apps/nmon/bin/nmon_helper.sh" which: no nmon in (/opt/splunk/bin:/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
01-27-2015 13:33:32.883 -0500 ERROR HttpListener - Exception while processing request from 10.9.85.4 for /en-US/module/system/Splunk.Module.UnixBubbleGrid/render?sid=1422383610.272&client_app=splunk_app_for_nix: Connection closed by peer
01-27-2015 13:26:49.420 -0500 ERROR HttpListener - Handler for /en-US/module/system/Splunk.Module.UnixResultsTable/render?count=20&offset=0&sid=1422383204.177&client_app=splunk_app_for_nix sent a 0 byte response after earlier claiming a Content-Length of 333!
01-27-2015 13:26:50.978 -0500 ERROR HttpListener - Exception while processing request from 10.9.85.4 for /en-US/module/system/Splunk.Module.UnixResultsTable/render?count=20&offset=0&sid=1422383205.185&client_app=splunk_app_for_nix: Connection closed by peer
01-27-2015 13:26:50.978 -0500 ERROR HttpListener - Handler for /en-US/module/system/Splunk.Module.UnixResultsTable/render?count=20&offset=0&sid=1422383205.185&client_app=splunk_app_for_nix sent a 0 byte response after earlier claiming a Content-Length of 467!
01-09-2015
08:24 AM
1 Karma
Hello,
We have 90 AIX/Unix servers. We are planning to implement Splunk on them. Now I have 2 to 3 test servers with me. Can you please explain to me where to install the Splunk applications and the step-by-step procedure? For example:
ser1 - splunk app (server)
ser2 - splunk forwarder with addon (client1)
ser3 - splunk forwarder with addon (client2)
If the above is correct, could you please explain the step-by-step procedure to deploy Splunk for system monitoring?
01-08-2015
08:32 AM
Oh, thank you. Do we have any video link for Splunk configuration for Unix/Linux server monitoring?
01-08-2015
07:43 AM
Thank you.. But I want to understand where we install the Splunk app and the Splunk forwarder?
splunk app - server side
splunk universal forwarder- client side with addon
Is this correct?
01-08-2015
07:28 AM
1 Karma
As per my understanding, we install the Splunk app on the server side and the Splunk universal forwarder on the client side; then what is a Splunk add-on?
12-30-2014
09:02 AM
Thank you. I do not understand this sentence: "It indexes data from any application, server, or network device that makes up your IT infrastructure". From a Unix server perspective, what can it do? How can we utilize this application?
12-30-2014
08:56 AM
Thank you for your reply. I am just trying to understand whether Splunk is application based or server based?
I mean, is this application used for server activities or application activities?
12-30-2014
06:04 AM
Is Nmon for Splunk a Splunk application? How do I download and configure it to monitor AIX/Unix performance?