About the Content Pack for Monitoring Unix and Linux
The Content Pack for Monitoring Unix and Linux provides the elements needed for monitoring your OS-level health related to Linux and certain types of Unix servers. It uses the Splunk universal forwarder and technology add-on approach to collect log event data stored in Splunk Enterprise. This content pack leverages the Splunk Add-on for Unix and Linux, where the data being collected is sent to event indexes.
The content pack includes a preconfigured service template for monitoring OS health metrics for CPU, memory, disk, and network. The KPIs in the service template are configured for general purpose only. You must tune them to accommodate your specific use case.
Splunk Cloud Platform installation
Splunk Cloud Platform users can install this content pack directly through the ITSI Content Library, which is included in the ITSI 4.8.x installation package. For installation instructions, see Install and configure the Content Pack for Monitoring Unix and Linux.
On-premises users currently need to download the embedded backup ZIP file from the installation steps in the documentation and restore it in ITSI using the backup/restore functionality. The Content Library will be made available to on-premises users in a future release. See the installation instructions for this content pack to access the ZIP file.
This content pack contains the following objects:
- OS-level KPIs
- Five KPI base searches
- A service template named
Unix and Linux server health
- A sample service named
SAMPLE - Unix and Linux server healthto use for testing entity filtering and KPI thresholds
Use the following table to determine ITSI version compatibility with various versions of the Content Pack for Monitoring Unix and Linux:
|Content pack version||ITSI version|
|1.0.1||4.6.0 and higher|
|1.0.0||4.2.1 - 4.5.x|
- For ITSI deployment planning guidelines, see Plan your ITSI deployment in the Install and Upgrade manual.
- For ITSI version compatibility with Splunk Enterprise versions, see Splunk products version compatibility matrix.
- For data collection requirements for this content pack, see Data requirements for the Content Pack for Monitoring Unix and Linux.
KPI reference for the Content Pack for Monitoring Splunk as a Service
Release notes for the Content Pack for Monitoring Unix and Linux
This documentation applies to the following versions of Splunk® Content Packs for ITSI and IT Essentials Work: current