Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to index Nix metrics via Splunk Add-on for Splunk Nix instances?

Abha11
Explorer
‎10-05-2020 06:55 AM

I want to monitor our Linux Splunk instances and am using the Splunk Add-on for Nix to collect metrics data and am sending it to em_metrics index and monitoring them as SAI entities via SAI on search head. 

We have a clustered environment. I am trying to get data from 3 members indexer cluster and 3 members SH cluster. We have universal forwarders installed on all of our instances. I tried to deploy the add-on to UF’s but I couldn’t see the entities on SAI (no data coming through from the hosts). 

Now I have installed Nix add-on to the indexer cluster and SH cluster and have changed the inputs to send data to em_metrics index being used in SAI. 

The issue that I am facing is for the indexer/SH cluster it is only displaying indexer master and SH cluster captain entities in SAI. I can see the IP's of other members in the dimensions of entities, but I want each host as a seperate entity. 

Could anyone please guide me through if I am doing something wrong or how I can achieve what I want to see SAI app? I have been stuck for a few days, so any help is appreciated. 

Thanks.

Tags (1)
0 Karma
Reply
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!

Get Updates on the Splunk Community!