Splunk® Supported Add-ons

Splunk Add-on for Linux

When to use the Splunk Add-on for Linux

There are two Splunk supported add-ons applicable for Linux: the Splunk Add-on for Linux and the Splunk Add-on for Unix and Linux. Depending on your use case, you may want to use either or both:

User scenario Use this add-on
Collect performance metrics from Linux using CollectD Splunk Add-on for Linux
Collect events from Linux using AuditD Splunk Add-on for Linux
Collect performance metrics from Unix hosts or Linux hosts without CollectD Splunk Add-on for Unix and Linux
Collect security events from Unix or Linux hosts Splunk Add-on for Unix and Linux

See What data the Splunk Add-on for Unix and Linux collects and what data the Splunk Add-on for Linux collects for more details about the data these two add-ons collect.

The Splunk Add-on for Unix and Linux and the Splunk Add-on for Linux are unrelated add-ons. There is no upgrade or migration from one to the other. If you want to replace the Splunk Add-on for Unix and Linux with the Splunk Add-on for Linux, you must disable any metrics inputs configured in the Splunk Add-on for Unix and Linux to prevent duplicate data collection.

Last modified on 25 July, 2022
Source types for the Splunk Add-on for Linux   Release notes for the Splunk Add-on for Linux

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters