On March 13, 2022, the Splunk App for Unix and Linux will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app has migrated to a content pack in Data Integrations. Learn about the Content Pack for Unix Dashboards and Reports.The Splunk Add-on for Unix and Linux remains supported.
This documentation does not apply to the most recent version of Splunk® App for Unix and Linux (Legacy).
For documentation on the most recent version, go to the latest release.
Release notes
This topic contains information on new features, known issues, and updates as we version the Splunk App for Unix and Linux.
What's new
Here's what's new in the latest version of the Splunk App for Unix and Linux:
| Publication date | Defect number | Description |
| 2015-5-19 | N/A | Bug fixes. |
Current known issues
The Splunk App for Unix and Linux has the following known issues:
| Publication date | Defect number | Description |
| 2015-08-12 | TAG-9619, TAG-9620 | The app does not currently work with search head pools or search head clusters. |
| N/A | NIX-467 | When you install the app and point it at the indexes which contain your *nix data, it might take up to 15 seconds for that data to begin showing up in the app. This is due to lookup generation. |
| N/A | NIX-428 | The colors in the Metrics Viewer graphs do not update correctly if you transpose sliders in the Metrics Viewer's threshold bar. |
| N/A | NIX-353 NIX-409 |
When in node view, the Hosts dashboard sometimes shows inconsistent colors with respect to the detailed view colors. |
| N/A | NIX-370 NIX-413 |
When you use Firefox to access the Splunk App for Unix and Linux, the radial graphs in the Home dashboard sometimes do not display correctly. The slices within the graphs sometimes spill out of their containers. To work around the problem, refresh the page. |
| N/A | APP-166 | On FreeBSD systems, neither the lsof.sh scripted input nor the dashboards based on the lsof source type are functional.
|
| N/A | N/A | On HP/UX systems, there is no way to obtain the number of threads on a system. This means that the vmstat scripted inputs will always return "?" for threads columns on HP/UX.
|
| N/A | NIX-42 | On Solaris systems, the hardware.sh scripted input sometimes returns empty values for some entries.
|
| N/A | NIX-537 | If you clone an existing alert saved search, you cannot edit the search using the "Settings: Alerts" configuration page. |
| N/A | NIX-536 | You cannot create custom alerts using Splunk Web; you must do so with configuration files. |
| N/A | NIX-560 | If you remove the default group, you sometimes receive an error "Unknown search command: 'all'" when you load the Home page.
|
| N/A | NIX-320 | In the Hosts page, if you do not wait for all data on a host information card to load before pinning that card, when you select another host, the original host information card does not remain pinned. |
| N/A | NIX-570 | The app's scripted inputs do not work when the directory that they are hosted in contains spaces. This is particularly an issue with Mac OS X. |
| N/A | NIX-584 | The full-screen NOC screen legends do not display correctly in Chrome. |
| N/A | NIX-587 | You are not able to drill down into a specific host on the Hosts dashboard. |
| N/A | NIX-695 | The app does not run saved searches that you create and run successfully. To work around the problem, check for the search name(s) stanza and edit $SPLUNK_HOME/etc/users/<username>/splunk_app_for_nix/local/savedsearches.conf and in $SPLUNK_HOME/etc/apps/splunk_app_for_nix/local/savedsearches.conf and set the display view and request.ui_dispatch_view attribute to blank:
|
Change Log (what's been fixed)
| Publication date | Defect number | Description |
| 2015-5-19 | TAG-3917 | Lookups that ship with the Splunk Supporting Add-on for Unix and Linux now apply to the data that they are relevant to rather than systemwide, and only export to apps that require them, rather than to all apps. |
| 2015-5-19 | TAG-3998 | The app no longer generates an invalid URL when you type in a search in the search tab. |
| 2015-5-19 | TAG-4000 | The Disk_Used_Exceeds_Perc_by_Host search now properly calculates the percentage of disk space overage. (TAG-4000)
|
| 2015-5-19 | TAG-4210 | The heat map now works properly on the Hosts View page when you select a disk. |
| 2015-5-19 | TAG-8603 | The "Categories > Hosts not in <group>" page in the Settings page now populates when you have more than 4 indexes listed in the "Your Data > Unix index(es)" page. |
Last modified on 12 August, 2015
| Search macros | Third-party software attributions/credits |
This documentation applies to the following versions of Splunk® App for Unix and Linux (Legacy): 5.0.2
Download manual
Feedback submitted, thanks!