How can I collect CPU and Memory usage logs from unix forwarder?
I have Unix indexer and Unix forwarder. Both have connection. NMON and nix **apps* for Unix are not satisfying my problem.
So I want to create a dashboard to analyze CPU utilization and memory consumption of these two Unix boxes.
thanks in advance.
Use "Splunk_TA_nix" app. It won't be collecting from file, but rather as scripted input.
- create a local directory within this app and create inputs.conf
- Open a copy of defaults/inputs.conf and check which all items you want to extract
- Then copy exact same paragraph into "local/inputs.conf" and put an entry disabled = 0
[script://./bin/vmstat.sh]
disabled = 0
[script://./bin/top.sh]
disabled = 0
and so on...
Use "Splunk_TA_nix" app. It won't be collecting from file, but rather as scripted input.
- create a local directory within this app and create inputs.conf
- Open a copy of defaults/inputs.conf and check which all items you want to extract
- Then copy exact same paragraph into "local/inputs.conf" and put an entry disabled = 0
[script://./bin/vmstat.sh]
disabled = 0
[script://./bin/top.sh]
disabled = 0
and so on...
Which app? Is this an add on for the normal agent?
The Splunk App for Unix will do that.
I used NMON and *nix but i didn't get results. do you know where (in which path) these logs are stay.
Hi, have you followed installation instructions ?
http://nmonsplunk.wikidot.com/documentation:installation:bydeployment:distributed
NMON does not collect CPU or Memory data.
The *nix app runs scripts on the Linux boxes to collect performance data and forward it to Splunk. You must first enable the desired scripts from the app's UI. The data is stored only in Splunk indexers, not on the monitored systems.
@ruchgalloway
This is totally wrong, Nmon Perf app collects much more perf metric *nix App will ever do, including CPU and Memory
Data is generated on UF and indexed within Splunk, the Nmon app provides various interfaces to analyse perf of systems. You should give a try -:)
I thought the OP was referring to the Linux nmon program, which scans networks for open ports.
No problem 😉
I guess you mean "nmap"
Yes, that is what I was thinking of.