1. Install the Splunk universal forwarder

If you haven't already, you need to install and configure the Splunk universal forwarder. For instructions, see About the universal forwarder in the Forwarder Manual. For Splunk Cloud Platform, see Configure a universal forwarder to send data to ITE Work in Splunk Cloud Platform.

2. Install and configure the Splunk Add-on for Unix and Linux

Follow these steps to install and configure the Splunk Add-on for Unix and Linux:

1. Review the Splunk Add-on for Unix and Linux requirements. For more information, see Hardware and software requirements for the Splunk Add-on for Unix and Linux in the Splunk Add-on for Unix and Linux Manual.
2. Install the Splunk Add-on for Unix and Linux. For more information, see Install the Splunk Add-on for Unix and Linux in the Splunk Add-on for Unix and Linux Manual.
3. Configure the Splunk Add-on for Unix and Linux. Enable the metrics inputs in the Splunk Add-on for Unix and Linux and set index to itsi_im_metrics. For more information, see Enable data and scripted inputs for the Splunk Add-on for Unix and Linux. If you want to use any other metrics index instead of itsi_im_metrics index, see Use custom metric indexes in ITE Work. 

3. Verify your Unix and Linux integration and view associated entity details dashboards

Follow these steps to check that your entities appear in ITE Work, and to view the associated entity details dashboard.

1. From the ITE Work main menu, go to Configuration > Entity Management.
2. Click View Health on an entity with the entity type Unix/Linux Add-on.