Overview of content packs and the ITSI Content Library
Splunk IT Service Intelligence (ITSI) content packs provide out-of-the-box content that you can use to quickly set up your ITSI environment. This content can include preconfigured KPI base searches, service templates, saved glass tables, and other objects for use within ITSI. For more information about ITSI, see About Splunk IT Service Intelligence in the Administration Manual.
Once installed, the objects within a content pack are completely configurable. If you want to do things like change a search's frequency, adjust latency, or change calculation methods, just edit that object directly. Most importantly, many content packs include service templates as a way to easily link one of your existing services to a predefined set of KPIs.
Most content packs process data collected through the use of Splunk add-ons. Add-ons collect host, network, and other data from computers that you install them on and map that data to a data model. Add-ons power the data underlying the metrics for each content pack. For more information, see About Splunk add-ons in the Splunk Add-ons manual.
ITSI Content Library
The ITSI Content Library is an app that lets you access content packs, preview their contents, and install them in your environment. The Content Library is compatible with ITSI version 4.8.0 and later. As new content packs become available or current ones are updated, you can download the most recent version of the Content Library to get this new content. When you install an updated version of an individual content pack, you can see which objects are new to the content pack and which have been changed.
The following image shows the ITSI Content Library:
Content packs for on-premises users
The Content Library is currently only available to Splunk Cloud customers. If you have an on-premises ITSI deployment, you need to follow the original process of downloading the content pack as a backup ZIP file and restoring it using the backup/restore functionality. The ZIP files are embedded within the documentation in the installation steps of each content pack. The Content Library will be made available to on-premises customers in a future ITSI release.
Available content packs
The following content packs are available for use within ITSI:
|Content Pack for Monitoring Unix and Linux||Provides the elements needed for monitoring your OS-level health related to Linux and certain types of Unix servers.|
|Content Pack for Monitoring Microsoft Windows||Provides the elements needed for monitoring your OS-level health related to Windows servers.|
|Content Pack for Shared IT Infrastructure Components||Supports approaches for mapping service dependencies within ITSI.|
|Content Pack for Monitoring and Alerting||Provides a prescriptive blueprint for enterprise-wide alerting across all your ITSI services.|
|Content Pack for Example Glass Tables||Provides a starting point for monitoring various use cases on the glass table canvas.|
|Content Pack for Monitoring Splunk as a Service||Provides OS and application-level monitoring of your Splunk Enterprise environment.|
|Content Pack for Monitoring Citrix||Provides a quick way to build ITSI services to monitor your Citrix virtual apps and desktop infrastructure.|
|Content Pack for VMware Monitoring||Provides the elements necessary to monitor the performance of the main components in a VMware vSphere environment.|
|Content Pack for Splunk Infrastructure Monitoring||Provides the elements necessary to use ITSI monitoring tools to visualize and troubleshoot your Splunk Infrastructure Monitoring cloud services.|
|Content Pack for Monitoring Pivotal Cloud Foundry||Provides the elements necessary for monitoring your Pivotal Cloud Foundry deployment.|
|Content Pack for Monitoring Phantom as a Service||Provides an ITSI-based approach to monitor the health of your Phantom server environment.|
About the Content Pack for Monitoring Unix and Linux
This documentation applies to the following versions of Splunk® ITSI Content Packs: current