Content Pack for Unix Dashboards and Reports

Content Pack for Unix Dashboards and Reports

This documentation does not apply to the most recent version of Content Pack for Unix Dashboards and Reports. For documentation on the most recent version, go to the latest release.

Reports reference for the Content Pack for Unix Dashboards and Reports

The Content Pack for Unix Dashboards and Reports includes several reports through which you can proactively monitor and troubleshoot your environment.

Access the reports

To access the content pack reports, perform the following steps:

  1. Log into Splunk Web.
  2. Select App > IT Service Intelligence or IT Essentials Work.
  3. From the navigation bar, select Dashboards > Reports to see the list of reports.
  4. In the App column, reports listed as DA-ITSI-CP-unix-dashboards are part of the Content Pack for Unix Dashboards and Reports.

Available reports

The following table lists the reports that are present in the Content pack for Unix Dashboards and Reports:

Report name Description
Consumption by User Last Hour (UNIX - CPU) Shows the Percent of CPU usage per user in the last hour.
Top Users by Consumption Last Hour (UNIX - CPU) Shows the top CPU consumption for the last hour with respect to users.
10 Most Popular Executables Last Hour (UNIX - CPU) Provides the 10 most frequently executed commands in the last hour.
vmstat Shows the data populated under the source type vmstat for the last hour.
ps Shows the status of the processes running over the last hour.
top Shows a list of processes or threads managed by the system that are running over the last hour.
hardware Shows the data generated under the hardware sourcetype for the last day.
iostat Shows the data related to the iostat command. For example., the input/output devices that are loaded in the system, over the last day.
netstat Shows a list of all network connections on the system over the last hour.
protocol Shows the data for the protocol sourcetype for the last hour.
openPorts Shows the data for the openports sourcetype for the last hour.
time Shows the data for the time sourcetype for the last day.
lsof Shows the list of open files for the last 30 minutes.
df Shows the amount of available disk over the last day.
who Shows the data for the who sourcetype for the last hour.
usersWithLoginPrivs Shows the login details of the user for the last day
lastlog Shows the latest log details within the last hour
interfaces Shows the details about the interfaces within the last hour
cpu Shows the data collected corresponding to the system CPU for the last hour.
package Shows the data for the CPU package for the last day.
User Add Shows the data regarding events when a user is added to the system.
Group Add Shows the data regarding events when a group is added to the system.
Password Change Shows the data related to the time and event at which the password is changed.
Password Change Failed Shows the data related to the time and event at which password change has failed.
Failed Attempts at SU Shows data about failed attempts at switching the user in the system.
Frequently Opened Ports (UNIX - NET) Shows the data details regarding frequently opened port addresses.
Top 10 Users by Virtual Memory Last Hour (UNIX - MEM) Shows the data regarding the top 10 users of virtual memory over the last hour.
Virtual Memory Subsystem Stats (UNIX - MEM) Displays virtual memory details related to the subsystems.
Memory Usage over Last 3 Hours (UNIX - MEM) Shows the data regarding memory usage over the last 3 hours.
Avg Resident Memory by Process Last 3 Hours (UNIX - MEM) Shows total memory used by each command.
Avg Virtual Memory by Process Last 3 Hours (UNIX - MEM) Shows the average virtual memory occupied by the processes over the last 3 hours.
Latest Packages by Host Shows the logs of packages accessed with respect to each host.
Hardware Configurations by Host Shows the data related to hardware configuration details corresponding to each host.
UNIX - All Logs Shows all the collected logs of the system.
UNIX - All Configs Shows the logs related to all the configuration updates.
UNIX - Timechart Errors Or Critical Shows the data related to errors that occurred in the system.
UNIX - Timechart Config Changes Shows the time-series formatted changes in configuration.
Dropdown Lookup - Dimension Shows the data stored in dropdowns.csv.
Metrics Selectable Lookup Shows the data related to unix categories and groups.
UNIX - Perf - ps mem by cmd Shows the data regarding memory occupied by a list of all processes.
UNIX - Perf - cpu by cmd Shows the average use of CPU % used by each command.
UNIX - Perf - iostat blk rw sec Shows the time-series formatted use of read and write devices connected with a system.
UNIX - Perf - iostat blk wr sec by hostUNIX - Perf - iostat blk wr sec by host Shows the time-series formatted use of read and write devices connected with the system in reference to each host.
UNIX - System - lsof open files by user Shows list of open files in reference to each user.
UNIX - System - netstat count by proto Shows all the connections established by each type of protocol on the system.
UNIX - System - netstat count by type Shows the data of connections grouped in reference to their type
UNIX - Perf - ps cpu by command Shows the % CPU used by each command.
UNIX - Perf - ps rss mem by user Shows data regarding average memory occupied by each user.
UNIX - Perf - ps rss mem by command Shows data regarding average memory used by each command.
UNIX - Perf - top cpu by host Shows data regarding average CPU usage by each host.
UNIX - System - vmstat free mem by host Shows the average free memory used by each host.
UNIX - System - vmstat total mem by host Shows the average total memory used by each host.
UNIX - Home - memory used by host realtime Shows the average memory percentage used by each host.
UNIX - Home - cpu used by host realtime Shows the median of CPU used by each host.
alerts_fired Shows the data associated with the "action" of a fired alert.
fired_alerts Shows the data associated with the "index" for the fired alert.
Last modified on 04 January, 2022
Troubleshoot the Content Pack for Unix Dashboards and Reports  

This documentation applies to the following versions of Content Pack for Unix Dashboards and Reports: 1.1.0, 1.1.1, 1.1.2


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters