Splunk® App for Unix and Linux (Legacy)

Install and Use the Splunk App for Unix and Linux

Acrobat logo Download manual as PDF


On March 13, 2022, the Splunk App for Unix and Linux will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app has migrated to a content pack in Data Integrations. Learn about the Content Pack for Unix Dashboards and Reports.The Splunk Add-on for Unix and Linux remains supported.
This documentation does not apply to the most recent version of Splunk® App for Unix and Linux (Legacy). For documentation on the most recent version, go to the latest release.
Acrobat logo Download topic as PDF

About the Splunk Add-on for Unix and Linux

The Splunk Add-on for Unix and Linux provides inputs for Linux and Unix management. Unlike the full app, it does not contain any dashboards, reports, or saved searches, nor does it have a user interface.

You can install the Splunk Add-on for Unix and Linux on a forwarder to send data from any number of *nix machines to a central Splunk indexer or group of indexers that run the app. You can also use the add-on to provide data for other apps, such as the Splunk App for Enterprise Security.

For more information about what the full app does, read "About the Splunk App for Unix and Linux."

For more information about what data the add-on collects from your *nix servers, read "What data the Splunk App and Splunk Add-on for Unix and Linux collect."

How does it work?

The Splunk Add-on for Unix and Linux runs on top of a Splunk indexer or forwarder and, like the full app, gathers various system metrics using a number of data inputs. These include but are not limited to:

  • Hardware information - CPU type, count, and cache; hard drives; network interface cards, count, and memory, as well as CPU statistics.
  • Disk information, including available disk space and associated input/output statistics for devices and partitions.
  • Information about the configured network interfaces, including connections, routing tables, and TCP/UDP transfer statistics .
  • User statistics, including last login times for system accounts, user attributes, and security-related information.
  • Information about processes, the files they open, and other resources they use.

How do I get it?

Download the Splunk Add-on for Unix and Linux from Splunkbase.

How do I upgrade from a previous version?

If you are already running the Splunk Technology Add-on for Unix and Linux and want to upgrade, the upgrade process is simple - you download the add-on installation package and unpack it into the same directory as the existing technology add-on.

For information on known issues in this version, review the release notes.

Last modified on 14 November, 2013
PREVIOUS
About the Splunk App for Unix and Linux 		  NEXT
About the Splunk Supporting Add-on for Unix and Linux

This documentation applies to the following versions of Splunk® App for Unix and Linux (Legacy): 5.0

Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters