Splunk® Supported Add-ons

Splunk Add-on for EMC VNX

Download manual as PDF

Download topic as PDF

Push the RSA public key to the Control Station for the Splunk Add-on for EMC VNX

The Splunk Add-on for EMC VNX uses SSH to collect data from the filer. Ensure that SSH is installed and configured properly.

Linux SSH

On Linux data collection nodes, OpenSSH client tools must be installed.

1. Determine which user splunkd is running as, then switch to this user.

2. Ensure that the ssh binary is in this user's $PATH.

3. Run the following command to generate an RSA public key. Accept all defaults (without passphrase).

   ssh-keygen -t rsa

4. Copy the key in id_rsa.pub, usually located in ~/.ssh/ directory.

5. Run ssh and log in to each Control Station from which this add-on will collect data (including the standby Control Station) as the precreated account.

6. Go to ~/.ssh on the Control Station. If this directory does not exist, create it as follows:

   mkdir ~/.ssh
   chmod 700 ~/.ssh

7. Edit the authorized_keys file and append the generated public key from above.

   cd ~/.ssh
   vi authorized_keys 

8. Append the key in id_rsa.pub to this file, save, and close.

   chmod 600 authorized_keys

9. From the Splunk data collection node, use SSH to log in to each Control Station again.

   ssh username@vnx_host

The Control Stations should not prompt for a password. If one does require a password, check that you have accurately copied the RSA public key on the collection node to the authorized_keys in Control Station and that the file and directory permissions are correct.

Windows SSH

On Windows data collection nodes, PuTTY client tools must be installed.

1. Download the putty package from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html.

2. Locate plink.exe, puttygen.exe, and putty.exe.

3. Add the path where these are installed (such as %PROGRAMFILES%\putty) to the system PATH.

4. Run puttygen.exe to generate public/private RSA key pair without passphrase.

5. Run puttygen.exe. When the dialog prompts, pick SSH-2 Rsa in the Parameters panel.

6. Click Generate. Tip: quickly moving the mouse can speed up the key generation process.

7. When the generation completes, copy the public key directly from the Public Key for pasting into OpenSSH authorized_keys file panel.

8. For each of Control Stations including the standby Control Station from which the add-on will collect data, log in to the Control Station as precreated account by using putty and append the above generated public key to ~/.ssh/authorized_keys on the Control Station.

9. Click Save private key to save the key under this add-on's local directory $SPLUNK_HOME\etc\apps\Splunk_TA_EMC-vnx\local with the filename id_rsa.ppk. $SPLUNK_HOME is the Splunk Enterprise installation directory, which is C:\Program Files\Splunk by default. Note the add-on expects this file to be there.

10. Figure out which user splunkd is running as and run cmd.exe as that specific user by using PsExec.

11. In the new cmd.exe console, run the following command for each Control Station, including the standby Control Station. When the Store key in cache ? (y/n) prompt appears, enter y. After doing this the first time, log in to all of the Control Stations again to verify that you are not prompted for a password.

 plink -i "$SPLUNK_HOME\etc\apps\Splunk_TA_emc-vnx\local\id_rsa.ppk" username@cs_ip hostname
PREVIOUS
Install VNX CLI for the Splunk Add-on for EMC VNX
  NEXT
Install the Splunk Add-on for EMC VNX

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters