I get the hpux splunk tar and untar it to /home2/splunk...
I've tried:
chmod -R a=rwx ./splunk
chown -R root:sys ./splunk
I start splunk as the root user using:
./splunk start --accept-license
I've tried giving the admin user all roles and putting the os index in the admin role. I can get data from existing files, but what I really want to do is get data from the nix runtime stuff, i.e.:
*nix app also indexes output from common system tools:
top: top processes on host
vmstat: memory usage info
iostat: io throughput
ps: all process info
netstat: network status and throughput
protocol: detailed network throughput
interfaces: stats per link-level Ethernet interface
open ports: snapshot of open ports
time: clock details
lsof: open files per user, process
df: disk and volume usage
who: current active user sessions
users with privileges: users with login accounts
lastlog: last login time for users who have ever logged in
cpu: shows stats per CPU
rlog: auditd logs translated with ausearch
packages: current installed packages
hardware: details of host hardware