I need to make Splunk dashboards with Ubuntu system logs (mainly logging and system modification). How could I get those logs, and how can I convert them into a dashboard?
1 Answer
You will probably install the Splunk TA for Unix and Linux, https://splunkbase.splunk.com/app/833/ . Also see the documentation at https://docs.splunk.com/Documentation/AddOns/released/UnixLinux/About
This will provide the ingestion of common Unix data into Splunk. To visualise the data, you can leverage the Splunk App for Unix and Linux, https://splunkbase.splunk.com/app/273/ . Also see the documentation at http://docs.splunk.com/Documentation/UnixApp/latest/User/AbouttheSplunkAppforUnix
Ultimately, you will want to create a dashboard showing just the data you are interested in. You can copy dashboards from the app and put them in yours. Have you looked at the free Splunk Fundamentals 1 training, https://www.splunk.com/en_us/training/free-courses/splunk-fundamentals-1.html ?

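The two halves of the answer above (get the logs in, then build a dashboard over just the events you care about) as one added example; this is not code from the answer, from the Splunk TA or from the Unix app. The script builds a small local Splunk app whose inputs.conf monitors the stock Ubuntu files where logins and system changes land (/var/log/auth.log for sudo, sshd and account changes, /var/log/dpkg.log and /var/log/apt/history.log for package changes, /var/log/syslog for the rest) and whose Simple XML dashboard extracts those events with rex. The app name ubuntu_sysmon, the index os and the sourcetypes dpkg and apt_history are my own choices; linux_secure and syslog are the names the TA conventionally assigns, but check the TA's own inputs.conf and, if you enable its /var/log monitor, drop the overlapping stanzas here so the same file is not claimed twice. The rex patterns follow the stock Ubuntu line formats shown in the comments.

```shell
#!/bin/sh
# Added example: build a minimal Splunk app that ingests Ubuntu login and
# system-change logs and ships a Simple XML dashboard over them.
# Assumptions (mine, not from the original answer): app name ubuntu_sysmon,
# index "os", sourcetypes dpkg / apt_history. Log paths are stock Ubuntu.
make_ubuntu_app() {
  app_dir="$1"
  mkdir -p "$app_dir/local/data/ui/views"

  # app.conf makes the app visible in Splunk Web.
  cat > "$app_dir/local/app.conf" <<'EOF'
[install]
state = enabled

[ui]
is_visible = true
label = Ubuntu system changes
EOF

  # inputs.conf goes on the universal forwarder of each Ubuntu host.
  # The forwarder needs read access to these files (adm group on Ubuntu).
  cat > "$app_dir/local/inputs.conf" <<'EOF'
[monitor:///var/log/auth.log]
sourcetype = linux_secure
index = os
disabled = false

[monitor:///var/log/syslog]
sourcetype = syslog
index = os
disabled = false

[monitor:///var/log/dpkg.log]
sourcetype = dpkg
index = os
disabled = false

[monitor:///var/log/apt/history.log]
sourcetype = apt_history
index = os
disabled = false
EOF

  # Simple XML dashboard; regex groups are written as (?&lt;name&gt;...) because
  # the query sits inside XML. Example lines each panel expects:
  #  sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt install nmap
  #  sshd[812]: Accepted publickey for alice from 10.0.0.5 port 51234 ssh2
  #  sshd[813]: Failed password for invalid user admin from 203.0.113.9 port 4022 ssh2
  #  2024-06-12 10:15:05 install nmap:amd64 <none> 7.93+dfsg1-1      (dpkg.log)
  #  useradd[901]: new user: name=bob, UID=1001, GID=1001, home=/home/bob
  cat > "$app_dir/local/data/ui/views/ubuntu_changes.xml" <<'EOF'
<dashboard version="1.1">
  <label>Ubuntu system changes</label>
  <row>
    <panel>
      <title>sudo commands (last 24h)</title>
      <table>
        <search>
          <query>index=os sourcetype=linux_secure "sudo:"
| rex "sudo:\s+(?&lt;sudo_user&gt;\S+)\s+:\s+.*COMMAND=(?&lt;command&gt;.+)$"
| stats count by host sudo_user command
| sort - count</query>
          <earliest>-24h@h</earliest>
          <latest>now</latest>
        </search>
      </table>
    </panel>
    <panel>
      <title>SSH logins: accepted vs failed per hour</title>
      <chart>
        <search>
          <query>index=os sourcetype=linux_secure "sshd["
| rex "sshd\[\d+\]: (?&lt;result&gt;Accepted|Failed) \S+ for (invalid user )?(?&lt;ssh_user&gt;\S+) from (?&lt;src_ip&gt;\S+)"
| search result=*
| timechart span=1h count by result</query>
          <earliest>-24h@h</earliest>
          <latest>now</latest>
        </search>
      </chart>
    </panel>
  </row>
  <row>
    <panel>
      <title>Package installs, upgrades and removals</title>
      <table>
        <search>
          <query>index=os sourcetype=dpkg
| rex "^\S+ \S+ (?&lt;action&gt;install|upgrade|remove|purge) (?&lt;package&gt;\S+)"
| search action=*
| stats count by host action package</query>
          <earliest>-7d@d</earliest>
          <latest>now</latest>
        </search>
      </table>
    </panel>
    <panel>
      <title>Account and group changes</title>
      <table>
        <search>
          <query>index=os sourcetype=linux_secure (useradd OR userdel OR usermod OR groupadd OR groupdel OR groupmod)
| rex "(?&lt;tool&gt;useradd|userdel|usermod|groupadd|groupdel|groupmod)\[\d+\]: (?&lt;detail&gt;.+)$"
| table _time host tool detail</query>
          <earliest>-7d@d</earliest>
          <latest>now</latest>
        </search>
      </table>
    </panel>
  </row>
</dashboard>
EOF
}

# Usage: make_ubuntu_app "$SPLUNK_HOME/etc/apps/ubuntu_sysmon" && "$SPLUNK_HOME/bin/splunk" restart
```

Deploy the app to the forwarders for inputs.conf and to the search head for the dashboard (the inputs stanzas are harmless on a Linux search head, the dashboard is ignored on a forwarder). Create the os index first, or change `index = os` to one that exists, otherwise the forwarder drops the data.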