Splunk® Content Packs for ITSI and IT Essentials Work

Splunk Content Packs for ITSI and IT Essentials Work

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

About the Content Pack for Monitoring Unix and Linux

The Content Pack for Monitoring Unix and Linux provides the elements needed for monitoring your OS-level health related to Linux and certain types of Unix servers. It uses the Splunk universal forwarder and technology add-on approach to collect log event data stored in Splunk Enterprise. This content pack leverages the Splunk Add-on for Unix and Linux, where the data being collected is sent to event indexes.

The content pack includes a preconfigured service template for monitoring OS health metrics for CPU, memory, disk, and network. The KPIs in the service template are configured for general purpose only. You must tune them to accommodate your specific use case.

Splunk Cloud Platform installation

Splunk Cloud Platform users can install this content pack directly through the ITSI Content Library, which is included in the ITSI 4.8.x installation package. For installation instructions, see Install and configure the Content Pack for Monitoring Unix and Linux.

On-premises installation

On-premises users currently need to download the embedded backup ZIP file from the installation steps in the documentation and restore it in ITSI using the backup/restore functionality. The Content Library will be made available to on-premises users in a future release. See the installation instructions for this content pack to access the ZIP file.

Contents

This content pack contains the following objects:

  • OS-level KPIs
  • Five KPI base searches
    • OS:Performance.NIX-bandwidth
    • OS:Performance.NIX-cpu
    • OS:Performance.NIX-df
    • OS:Performance.NIX-iostat
    • OS:Performance.NIX-vmstat
  • A service template named Unix and Linux server health
  • A sample service named SAMPLE - Unix and Linux server health to use for testing entity filtering and KPI thresholds

Deployment requirements

Use the following table to determine ITSI version compatibility with various versions of the Content Pack for Monitoring Unix and Linux:

Content pack version ITSI version
1.0.1 4.6.0 and higher
1.0.0 4.2.1 - 4.5.x

Additional resources

Last modified on 11 October, 2021
PREVIOUS
KPI reference for the Content Pack for Monitoring Splunk as a Service
  NEXT
Release notes for the Content Pack for Monitoring Unix and Linux

This documentation applies to the following versions of Splunk® Content Packs for ITSI and IT Essentials Work: current


Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters