Splunk® IT Essentials Work

Entity Integrations Manual

Acrobat logo Download manual as PDF


This documentation does not apply to the most recent version of Splunk® IT Essentials Work. For documentation on the most recent version, go to the latest release.
Acrobat logo Download topic as PDF

Collect *nix data in ITE Work with the Splunk Add-on for Unix and Linux

You can collect *nix data in (ITE Work) with the Splunk Add-On for Unix and Linux. Entities created through the Splunk Add-on for Unix and Linux integration have the entity type Unix/Linux Add-on.

Prerequisites

Requirement Description
ITE Work roles You have to log in as a user with the itoa_admin or sc_admin role.

Steps

Follow these steps to add *nix data to ITE Work through the Splunk Add-on for Unix and Linux.ITE Work

1. Install the Splunk universal forwarder

If you haven't already, you need to install and configure the Splunk universal forwarder. For instructions, see About the universal forwarder in the Forwarder Manual. For Splunk Cloud Platform, see Configure a universal forwarder to send data to ITE Work in Splunk Cloud Platform.

2. Install and configure the Splunk Add-on for Unix and Linux

Follow these steps to install and configure the Splunk Add-on for Unix and Linux:

  1. Review the Splunk Add-on for Unix and Linux requirements. For more information, see Hardware and software requirements for the Splunk Add-on for Unix and Linux in the Splunk Add-on for Unix and Linux Manual.
  2. Install the Splunk Add-on for Unix and Linux. For more information, see Install the Splunk Add-on for Unix and Linux in the Splunk Add-on for Unix and Linux Manual.
  3. Configure the Splunk Add-on for Unix and Linux. Enable the metrics inputs in the Splunk Add-on for Unix and Linux and set index to itsi_im_metrics. For more information, see Enable data and scripted inputs for the Splunk Add-on for Unix and Linux. If you want to use any other metrics index instead of itsi_im_metrics index, see Use custom metric indexes in ITE Work

3. Verify your Unix and Linux integration and view associated entity details dashboards

Follow these steps to check that your entities appear in ITE Work, and to view the associated entity details dashboard.

  1. From the ITE Work main menu, go to Configuration > Entity Management.
  2. Click View Health on an entity with the entity type Unix/Linux Add-on.
Last modified on 28 February, 2024
PREVIOUS
*nix data you can collect with collectd in ITE Work
  NEXT
Collect *nix metrics and logs with the data collection script in ITE Work

This documentation applies to the following versions of Splunk® IT Essentials Work: 4.9.0, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 4.9.6, 4.10.0 Cloud only, 4.10.1 Cloud only, 4.10.2 Cloud only, 4.10.3 Cloud only, 4.10.4 Cloud only, 4.11.0, 4.11.1, 4.11.2, 4.11.3, 4.11.4, 4.11.6, 4.12.0 Cloud only, 4.12.2 Cloud only, 4.13.0, 4.13.1, 4.13.2, 4.13.3, 4.14.0 Cloud only, 4.14.1 Cloud only, 4.14.2 Cloud only, 4.15.0, 4.15.1, 4.15.2, 4.15.3, 4.16.0 Cloud only, 4.17.0, 4.17.1


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters