Getting Data In

How to monitor data coming in from a serial port (serial to a USB adapter)?

b_loveless
Engager

I want to monitor data coming in from a serial port (actually a serial to USB adapter). Has anyone done this?

Longer story:
I want to use SPLUNK to monitor my house solar system to build reports, using the serial data the system outputs to my Raspberry Pi. Once I have the data, my idea is to write a transform (that is what I mean, right), to translate the data into usable format for building graphs or whatever.

Any ideas would be appreciated.

-_Bryan

0 Karma

Richfez
SplunkTrust
SplunkTrust

Please check out this post on Splunking data from a Raspberry Pi. That post seems a bit more oriented toward Splunking the Pi itself, but parts of it are still very useful.

If you are using the Pi to read data from a serial port, and you can write that data to disk, then the Pi side of Splunk just got way easier. Follow the first step from the above link to install Splunk if required and set it up to receive. Then install the UF as per step two.

For step three, you probably won't need the scripted input. Instead, set up a monitor stanza in the appropriate folder (probably something like /opt/splunkuniversalforwarder/etc/system/local/inputs.conf) on the UF on the Pi to read that file. I think the second example here may be about all you need. Continue with the last sub-step of step 3 - setting up your outputs.conf.

That should be it. You'll have to work the Raspberry Pi end of things a bit to get it to read from serial and write to a file, but the actual bits of python don't seem too hard according to here.

0 Karma

b_loveless
Engager

You were reading my mind... I did the first part last night, so I have the UF working. I am a windows sysadmin by day, so getting a /dev device to write to a file and not fill up the drive is something that I am having a bit of trouble figuring out... but your last link looks pretty darn good, I think I will give that a shot as I have time later...

Thanks for the link, will give it a go.

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...