Solved: VNX integration

sasamir · ‎03-04-2017

Newbie to Splunk and trying to integration EMC VNX app. Stuck on Configure the modular input for the Splunk Add-on for EMC VNX page where it asks to insert details in inputs.conf file. where is the directory default or local we need to edit and complete setup?

Appreciate all assistance.

mattymo · ‎03-07-2017

Hi Sasamir!

Inside the VNX app, which will be found under $SPLUNK_HOME/etc/apps, you will find a copy of inputs.conf in the /default dir which you should copy to the /local dir and configure for your particular environment.

In general, you should always configure your apps in the app's local directory to ensure your configurations are not overwritten in upgrades

http://docs.splunk.com/Documentation/AddOns/released/EMCVNX/ConfigureModularInput

- MattyMo

View solution in original post

mattymo · ‎03-07-2017

Hi Sasamir!

Inside the VNX app, which will be found under $SPLUNK_HOME/etc/apps, you will find a copy of inputs.conf in the /default dir which you should copy to the /local dir and configure for your particular environment.

In general, you should always configure your apps in the app's local directory to ensure your configurations are not overwritten in upgrades

http://docs.splunk.com/Documentation/AddOns/released/EMCVNX/ConfigureModularInput

- MattyMo

rjthibod · ‎03-07-2017

They are in the app's folder on the Splunk system where you installing things.

This should be $SPLUNK_ROOT/etc/apps/Splunk_TA_emc-vnx

On linux, that is usually /opt/splunk/etc/apps/Splunk_TA_emc-vnx.

On windows, that is usually c:\program files\splunk\etc\apps\Splunk_TA_emc-vnx.

VNX integration

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases

Detecting Remote Code Executions With the Splunk Threat Research Team