Use the Splunk Add-on for Unix and Linux
The Splunk Add-on for Unix and Linux does not have a user interface other than the setup page. You do not use the add-on more than you install and configure it to collect the *nix data you want to send to apps, such as Splunk Enterprise Security or IT Service Intelligence, that require knowledge objects from this add-on.
You can use the Splunk Add-on for Unix and Linux with:
- The Splunk App for Unix and Linux. This app lets you view data collected from many *nix machines and display charts, graphs, and reports based on that data. This app is the main purpose for using the add-on.
- Splunk Enterprise Security. This app lets you evaluate security threats and other security metrics based on data collected by the Splunk Add-on for Unix and Linux and many others.
- Splunk IT Service Intelligence. This app provides actionable insight into the performance and behavior of your IT services.
Enable data and scripted inputs for the Splunk Add-on for Unix and Linux
Source types and CIM data model info
This documentation applies to the following versions of Splunk® Add-on for Unix and Linux: 5.2.4