Collect *nix data in ITE Work with the Splunk Add-on for Unix and Linux
You can collect *nix data in (ITE Work) with the Splunk Add-On for Unix and Linux. Entities created through the Splunk Add-on for Unix and Linux integration have the entity type Unix/Linux Add-on
.
Prerequisites
Requirement | Description |
---|---|
ITE Work roles | You have to log in as a user with the itoa_admin or sc_admin role. |
Steps
Follow these steps to add *nix data to ITE Work through the Splunk Add-on for Unix and Linux.ITE Work
1. Install the Splunk universal forwarder
If you haven't already, you need to install and configure the Splunk universal forwarder. For instructions, see About the universal forwarder in the Forwarder Manual. For Splunk Cloud Platform, see Configure a universal forwarder to send data to ITE Work in Splunk Cloud Platform.
2. Install and configure the Splunk Add-on for Unix and Linux
Follow these steps to install and configure the Splunk Add-on for Unix and Linux:
- Review the Splunk Add-on for Unix and Linux requirements. For more information, see Hardware and software requirements for the Splunk Add-on for Unix and Linux in the Splunk Add-on for Unix and Linux Manual.
- Install the Splunk Add-on for Unix and Linux. For more information, see Install the Splunk Add-on for Unix and Linux in the Splunk Add-on for Unix and Linux Manual.
- Configure the Splunk Add-on for Unix and Linux. Enable the metrics inputs in the Splunk Add-on for Unix and Linux and set index to itsi_im_metrics. For more information, see Enable data and scripted inputs for the Splunk Add-on for Unix and Linux. If you want to use any other metrics index instead of itsi_im_metrics index, see Use custom metric indexes in ITE Work.
3. Verify your Unix and Linux integration and view associated entity details dashboards
Follow these steps to check that your entities appear in ITE Work, and to view the associated entity details dashboard.
- From the ITE Work main menu, go to Configuration > Entity Management.
- Click View Health on an entity with the entity type
Unix/Linux Add-on
.
*nix data you can collect with collectd in ITE Work | Collect *nix metrics and logs with the data collection script in ITE Work |
This documentation applies to the following versions of Splunk® IT Essentials Work: 4.9.0, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 4.9.6, 4.10.0 Cloud only, 4.10.1 Cloud only, 4.10.2 Cloud only, 4.10.3 Cloud only, 4.10.4 Cloud only, 4.11.0, 4.11.1, 4.11.2, 4.11.3, 4.11.4, 4.11.6, 4.12.0 Cloud only, 4.12.2 Cloud only, 4.13.0, 4.13.1, 4.13.2, 4.13.3, 4.14.0 Cloud only, 4.14.1 Cloud only, 4.14.2 Cloud only, 4.15.0, 4.15.1, 4.15.2, 4.15.3, 4.16.0 Cloud only, 4.17.0, 4.17.1
Feedback submitted, thanks!