Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What is the best app to monitor Linux in Splunk?

sandeepmakkena
Contributor
‎10-03-2018 01:14 PM

This is my 1st time working with apps, so I have few questions.

  1. We have a forwarder installed on our host forwarding data to a different index. I want to install Nmon or *nix to monitor Linux systems. What would be the process or steps to get it done ? (I am not sure search head is on the same server with Indexer or not)

  2. Which one of the apps are better (right now we are looking only for dashboards)?

  3. Are they free or do they have license cost ?

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gjanders
SplunkTrust
SplunkTrust
‎10-03-2018 04:11 PM

If your using Splunk 7 or newer try the metricator app for the search heads
Install Technical Addon for the Metricator application for Nmon anywhere you want metrics from (for example search heads, universal forwarders, et cetera)
Support Addon for the Metricator application for Nmon is for the indexers/index setup

Documentation here

The *nix TA doesn't use metrics but can also gather stats/has basic dashboards, Splunk Add-on for Linux has dashboards for metrics and assumes you collect stats via collectd or similar.

Have a read and decide which one you want, they are all free so install and test them and then decide...
Here's the link for the Nix TA: Splunk Add-on for Unix and Linux

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud

View solution in original post

Reply
Solved! Jump to solution
Solution

gjanders
SplunkTrust
SplunkTrust
‎10-03-2018 04:11 PM

If your using Splunk 7 or newer try the metricator app for the search heads
Install Technical Addon for the Metricator application for Nmon anywhere you want metrics from (for example search heads, universal forwarders, et cetera)
Support Addon for the Metricator application for Nmon is for the indexers/index setup

Documentation here

The *nix TA doesn't use metrics but can also gather stats/has basic dashboards, Splunk Add-on for Linux has dashboards for metrics and assumes you collect stats via collectd or similar.

Have a read and decide which one you want, they are all free so install and test them and then decide...
Here's the link for the Nix TA: Splunk Add-on for Unix and Linux

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud
Reply
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...