Splunk® Supported Add-ons

Splunk Add-on for Java Management Extensions

Download manual as PDF

Download topic as PDF

Prepare JMX servers for the Splunk Add-on for JMX

Before you configure your inputs, prepare your JMX servers for connectivity with the Splunk platform. Depending on how you want to set up your inputs for each server, you may need to configure connectivity in different ways for different servers.

Connect to a local JVM using a process ID

When connecting directly to local JVM using a process ID, the JRE uses a native library called attach.dll on Windows and libattach.so on Linux. In Windows, the library is located at %JRE_HOME%\bin\attach.dll In Linux, the library is located at $JDK_HOME/jre/lib/i386/libattach.so


Steps

  1. If you are using Windows, add %JAVA_HOME%\jdk1.x.x_xx\jre\bin\ to the environment variable %PATH%.
    If you are using Linux, the attach library is only packaged in the JRE that is part of a JDK install. If you do not have libattach.so, you can get it from the JDK($JDK_HOME/lib/) and copy it into the JRE's lib ($JDK_HOME/jre/lib/) directory.
  2. (Optional) To use this method to connect to your local JVMs when you configure your data inputs for this add-on, select one of the three connection type options under Attach to process when you add a server. For more information, see Configure the inputs for the Splunk Add-on for JMX.

Get process id from service name

Use the following command to get the process id of any service.

 ps -eafH | grep "java" | grep "{your_service_name}" | grep -v "grep" | awk '{print $2}'

Connect to a local or remote JMX server via system properties

To set up a JMX server for remote access, follow the instructions in the Oracle documentation: http://download.oracle.com/javase/1.5.0/docs/guide/management/agent.html#remote

Select either rmi or iiop as your connection type when you configure your inputs if you use this method to connect to your local or remote JVMs. For more information, see Configure the inputs for the Splunk Add-on for JMX.

Connect to a local or remote JMX server using MX4J

The Splunk Add-on for JMX supports MX4J as the JMX implementation for remote connectors (rmi and iiop). You can also use any of the MX4J-specific JMX connectors (soap, burlap, hessian).

MX4J-specific JMX connectors are not supported with the Java 8 runtime.

For more details about MX4J, see http://mx4j.sourceforge.net.

Select the MX4J-specific JMX connector that you use as your connection type when you configure your inputs if you use this method to connect to your local or remote JVMs. For more information, see Configure the inputs for the Splunk Add-on for JMX.

If you are using any of the HTTPS connectors (soap+ssl, hessian+ssl, burlap+ssl), the root certification authority should be present in the trusted certificates, normally stored in the $JAVA_HOME/jre/lib/security/cacerts file.

To connect to a JMX server with SSL, follow these steps.

Prerequisites

Steps

  1. Export the server certification to a file. Use the keytool utility provided by Java to generate the SSL certificate. The following example uses the filename server.cer: > keytool -export -keystore <server_key_store> -alias <key_alias> -file server.cer
  2. Copy the file to the machine running Splunk Enterprise.
  3. Create a keystore file, set your password, name it mx4j.ks and put it under $SPLUNK_HOME/etc/apps/Splunk_TA_jmx/bin.
  4. Import server.cer into mx4j.ks using your password. > keytool -import -keystore mx4j.ks -alias <key_alias> -file server.cer
  5. Restart Splunk Enterprise.

Next, configure your inputs.

Last modified on 04 February, 2020
PREVIOUS
Upgrade the Splunk Add-on for JMX
  NEXT
Configure inputs for the Splunk Add-on for JMX in Splunk Web

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters