Splunk Infrastructure Monitoring Solution: Linux Platform Integration (Part-III)
Today we are back with the third blog of the series. In this one we will demonstrate the integration of the Linux platform with Splunk IMM. In the previous two blogs we integrated the GCP and Windows platforms; if you haven’t checked those blogs yet, you can find them through the links below.
So, without wasting any time, let’s start.
NOTE: This integration is only possible for the Linux distributions and versions listed below:
- Amazon Linux: 2
- CentOS / Red Hat / Oracle: 7, 8
- Debian: 8, 9, 10
- Ubuntu: 16.04, 18.04, 20.04
For our demonstration, we will be using CentOS 7.
First of all, go to the Linux host that you want to integrate with Splunk IMM.
Then install curl and sudo from the yum repository.
# yum install curl
# yum install sudo
Then run this command:
# curl -sSL https://dl.signalfx.com/splunk-otel-collector.sh > /tmp/splunk-otel-collector.sh && \
  sudo sh /tmp/splunk-otel-collector.sh --realm us1 -- h8RvyxcxlhQb8i8w42D8ag --mode agent
It will install the “Splunk OpenTelemetry” collector in the following path: “/etc/otel/collector/”.
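The download-and-run step above, wrapped as an added example (not code from the original post or from Splunk): it reads the access token from the environment instead of typing it into the command, downloads to an unpredictable temporary file, and refuses to run a failed or empty download. The names `SPLUNK_ACCESS_TOKEN`, `DRY_RUN`, `valid_realm`, `valid_mode` and `install_collector` are assumptions made for this example, as is the realm format check.

```shell
#!/bin/sh
# Added example. Export SPLUNK_ACCESS_TOKEN before calling install_collector,
# e.g. install_collector us1 agent. The token stays out of shell history and
# saved scripts; it is still visible in the process list while the installer runs.
INSTALLER_URL="https://dl.signalfx.com/splunk-otel-collector.sh"

# Realm: non-empty, lowercase letters and digits only (assumed format, e.g. "us1").
valid_realm() {
    case "$1" in
        ''|*[!a-z0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Mode: the two collector modes named in this post.
valid_mode() {
    case "$1" in
        agent|gateway) return 0 ;;
        *) return 1 ;;
    esac
}

install_collector() {
    realm="$1"; mode="$2"
    valid_realm "$realm" || { echo "invalid realm: $realm" >&2; return 2; }
    valid_mode "$mode" || { echo "mode must be agent or gateway" >&2; return 2; }
    [ -n "${SPLUNK_ACCESS_TOKEN:-}" ] || { echo "SPLUNK_ACCESS_TOKEN is not set" >&2; return 3; }

    # DRY_RUN (hypothetical switch): show the command shape without network access or sudo.
    if [ -n "${DRY_RUN:-}" ]; then
        echo "sudo sh <installer> --realm $realm -- <token> --mode $mode"
        return 0
    fi

    script="$(mktemp)" || return 4
    # -f makes curl fail on HTTP errors instead of saving an error page as the script.
    if ! curl -fsSL "$INSTALLER_URL" -o "$script" || [ ! -s "$script" ]; then
        rm -f "$script"
        echo "installer download failed" >&2
        return 4
    fi
    sudo sh "$script" --realm "$realm" -- "$SPLUNK_ACCESS_TOKEN" --mode "$mode"
    rc=$?
    rm -f "$script"
    return "$rc"
}
```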
Now go to your Splunk IMM instance and log in with your credentials.
Now on the home page, click on “+” and then choose “Integration”.
After that, select “Linux”.
And then click on “Add connection”.
In the next step, configure the integration as shown below.
Access Token: <default>
Mode: <choose whether your connector runs in agent or gateway mode>
Log Collection: <Yes>
And then click on next.
And then you will be able to see the list of active hosts sending logs to IMM.
Here it’s showing 2 because we also configured a Windows host the other day. Now, to get more pinpoint data, click on the box.
Then choose the required hostname from the dropdown filter and you will get all the information.
I hope all of you enjoyed this blog. See you all in the next one.
Other Blogs of this Series: