Splunk® App for Unix and Linux (Legacy)

Install and Use the Splunk App for Unix and Linux

On March 13, 2022, the Splunk App for Unix and Linux will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app has migrated to a content pack in Data Integrations. Learn about the Content Pack for Unix Dashboards and Reports.The Splunk Add-on for Unix and Linux remains supported.
This documentation does not apply to the most recent version of Splunk® App for Unix and Linux (Legacy). For documentation on the most recent version, go to the latest release.

Install the Splunk App for Unix and Linux

This topic guides you through the steps required to install the Splunk App for Unix and Linux.

The installation package for the Splunk App for Unix and Linux is actually a suite of packages:

  • The Splunk App for Unix and Linux, which provides dashboards, reports, alerts, lookups, and macros for use with Splunk Web.
  • The Splunk Add-on for Unix and Linux, which collects the *nix data from *nix servers.
  • The Supporting Add-on for Unix and Linux (SA-nix).

Also Included with the package is a folder, etc/deployment-apps/Splunk_TA_nix, which is a version of the Splunk Add-on for Unix and Linux that you can place into a deployment server to distribute as you wish across the *nix servers on your network.

As the installation package is a suite, you can not install the package through either Splunk Web or Splunk's CLI. You must install from the command line.

Once you install the package, you might need to make additional configurations based on your specific setup.

Install the Splunk App for Unix and Linux on a single server

To install the Splunk App for Unix and Linux suite on a single server:

1. Download the Splunk app for Unix and Linux from Splunk Apps, if you haven't already.

Note: The file downloads with a .zip extension. Do not attempt to run this file.

2. Unzip the file directly into your Splunk home directory. 

unzip splunk_app_for_nix.zip -d $SPLUNK_HOME

Note: You might need to use your system's package manager to download and install the unzip binary.

3. Confirm that the Splunk App for Unix and Linux has installed into the proper directory.

Note: The installation package is designed to install into $SPLUNK_HOME, at:

  • $SPLUNK_HOME/etc/apps/splunk_app_for_nix (Splunk App for Unix and Linux)
  • $SPLUNK_HOME/etc/apps/Splunk_TA_nix (Splunk Add-on for Unix and Linux)
  • $SPLUNK_HOME/etc/apps/SA-nix (Splunk Supporting Add-on for Unix and Linux)
  • $SPLUNK_HOME/etc/deployment-apps/Splunk_TA_nix (Splunk Add-on for Unix and Linux - for use on deployment servers)

4. Restart Splunk to complete the installation of the app.

5. Proceed to the "Log in and get started" page to continue using the app.

Notes

If you do not plan to use a deployment server to distribute the Splunk Add-on for Unix and Linux, you can delete the $SPLUNK_HOME/etc/deployment-apps/Splunk_TA_nix directory before restarting Splunk.

Last modified on 07 October, 2013
What a Splunk App for Unix and Linux deployment looks like   Install the Splunk App for Unix and Linux in a distributed Splunk environment

This documentation applies to the following versions of Splunk® App for Unix and Linux (Legacy): 5.0

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters