Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What are recommendations for monitoring information on a Linux server?

newbiesplunk
Path Finder
‎03-01-2015 05:29 PM

Hi,

I wish to monitor linux server info like number of CPU, processor, linux version etc in Splunk. What will be the recommended info to get from linux server and how do I do this? thks

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Gilberto_Castil
Splunk Employee
Splunk Employee
‎03-01-2015 06:30 PM

Your first step is to download and install the Splunk Universal Forwarder on the end point server that you wish to monitor. This is the preferred vehicle to read and upload data from your server to a Splunk Indexer. There are many types of helpful ways to figure out how to

  1. Install the Universal Forwarder and
  2. How to get data from Linux to a Splunk Indexer

To address your specific question, the best way to get started is to use the Splunk Add-on for Unix and Linux. This particular Add-on is configured on your the end point server that you wish to monitor. There is a detailed list of of the data obtained with this Add-on in the following link.

http://docs.splunk.com/Documentation/UnixAddOn/5.1.1/User/Whatdataarecollected

It is important to understand that the *NIX Add-on (above) is just part of the configuration of your Splunk Universal Forwarder. To complement the entire piece, you may want to use the Splunk App for Unix and Linux. This app is installed on your Splunk Indexer. This is documented in the following link.

http://docs.splunk.com/Documentation/UnixApp/5.0.1/User/AbouttheSplunkAppforUnix

I hope this helps,

-gc

View solution in original post

Reply
Solved! Jump to solution
Solution

Gilberto_Castil
Splunk Employee
Splunk Employee
‎03-01-2015 06:30 PM

Your first step is to download and install the Splunk Universal Forwarder on the end point server that you wish to monitor. This is the preferred vehicle to read and upload data from your server to a Splunk Indexer. There are many types of helpful ways to figure out how to

  1. Install the Universal Forwarder and
  2. How to get data from Linux to a Splunk Indexer

To address your specific question, the best way to get started is to use the Splunk Add-on for Unix and Linux. This particular Add-on is configured on your the end point server that you wish to monitor. There is a detailed list of of the data obtained with this Add-on in the following link.

http://docs.splunk.com/Documentation/UnixAddOn/5.1.1/User/Whatdataarecollected

It is important to understand that the *NIX Add-on (above) is just part of the configuration of your Splunk Universal Forwarder. To complement the entire piece, you may want to use the Splunk App for Unix and Linux. This app is installed on your Splunk Indexer. This is documented in the following link.

http://docs.splunk.com/Documentation/UnixApp/5.0.1/User/AbouttheSplunkAppforUnix

I hope this helps,

-gc

Reply
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...