Collect *nix data in ITSI with the Splunk Add-on for Unix and Linux

You can collect *nix data in Splunk IT Service Intelligence (ITSI) with the Splunk Add-On for Unix and Linux. Entities created through the Splunk Add-on for Unix and Linux integration have the entity type Unix/Linux Add-on.

Prerequisites

Requirement Description
ITSI roles You have to log in as a user with the itoa_admin or sc_admin role.

Steps

Follow these steps to add *nix data to ITSI through the Splunk Add-on for Unix and Linux.ITSI

1. Install the Splunk universal forwarder

If you haven't already, you need to install and configure the Splunk universal forwarder. For instructions, see About the universal forwarder in the Forwarder Manual. For Splunk Cloud Platform, see Configure a universal forwarder to send data to ITSI in Splunk Cloud Platform.

2. Install and configure the Splunk Add-on for Unix and Linux

Follow these steps to install and configure the Splunk Add-on for Unix and Linux:

  1. Review the Splunk Add-on for Unix and Linux requirements. For more information, see Hardware and software requirements for the Splunk Add-on for Unix and Linux in the Splunk Add-on for Unix and Linux Manual.
  2. Install the Splunk Add-on for Unix and Linux. For more information, see Install the Splunk Add-on for Unix and Linux in the Splunk Add-on for Unix and Linux Manual.
  3. Configure the Splunk Add-on for Unix and Linux. Enable the metrics inputs in the Splunk Add-on for Unix and Linux and set index to itsi_im_metrics. For more information, see Enable data and scripted inputs for the Splunk Add-on for Unix and Linux. If you want to use any other metrics index instead of itsi_im_metrics index, see Use custom metric indexes in ITSI

3. Verify your Unix and Linux integration and view associated entity details dashboards

Follow these steps to check that your entities appear in ITSI, and to view the associated entity details dashboard.

  1. From the ITSI main menu, go to Configuration > Entity Management.
  2. Click View Health on an entity with the entity type Unix/Linux Add-on.