Splunk® IT Service Intelligence

Entity Integrations Manual

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

About Unix and Linux entity integration in ITSI

When you collect *nix data through the Unix and Linux entity integration in IT Service Intelligence (ITSI), your entities are created by discovery searches and are automatically associated with entity types. You also gain access to prebuilt dashboards for each associated entity type. The following sections walk through the two ways you can add *nix data to ITSI through the Unix and Linux entity integrations. For information about data you can collect using this integration, see *nix data you can collect with ITSI.

Collect *nix data with the Splunk Add-on for Unix and Linux

The Splunk Add-on for Unix and Linux collects both metrics and logs data. Entities created through the Splunk Add-on for Unix and Linux integration have the entity type Unix/Linux Add-on To use this integration you need to install and configure the Splunk Add-on for Unix and Linux and the Splunk universal forwarder. When you collect *nix data with the add-on, you don't run the easy install script. For more information, see Collect *nix data in ITSI with the Splunk Add-on for Unix and Linux.

Collect *nix data with collectd and Splunk universal forwarder

There are two ways to collect *nix data with collectd and Splunk universal forwarder. Entities collected through collectd have entity type *nix.

Option one: Add data to ITSI with the collectd easy install script

When you run the *nix collectd easy install script, the universal forwarder and collectd are automatically installed on your machine. You can collect logs in addition to the metrics in the easy install script. For more information, see Collect *nix metrics and logs with the data collection script in ITSI.

Option two: Manually install and configure collectd and Splunk universal forwarder

You can manually set up collectd to collect metrics from a *nix host and collect log data for *nix systems with a universal forwarder. Manually configure metrics collection for a *nix host when you meet at least one of these conditions:

  • You're installing collectd on a closed network with no internet access.
  • You already installed collectd on the host.
  • You don't have trusted URLs that you can download the required packages and dependencies from.

If you want to collect metrics from a *nix host, see Manually collect metrics from a *nix host in ITSI. If you also want to collect log data from a *nix host, see Manually collect logs from a *nix host in ITSI.

Troubleshooting

If you have problems setting up the Unix and Linux entity integration, see Troubleshoot the Unix and Linux entity integration in ITSI.

Last modified on 11 November, 2020
PREVIOUS
Analyze entity performance metrics in ITSI
  NEXT
Unix and Linux integration requirements in ITSI for collectd

This documentation applies to the following versions of Splunk® IT Service Intelligence: 4.6.0 Cloud only, 4.6.1 Cloud only, 4.6.2 Cloud only, 4.7.0, 4.7.1, 4.7.2, 4.8.0 Cloud only, 4.8.1 Cloud only, 4.9.0, 4.9.1, 4.9.2, 4.9.3, 4.10.0 Cloud only, 4.10.1 Cloud only, 4.10.2 Cloud only


Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters