I get the hpux splunk tar and untar it to /home2/splunk... i've tried : chmod -R a=rwx ./splunk chown -R root:sys ./splunk I start splunk as root user using ./splunk start --accept-license I've tried giving admin user all roles and putting os index in admin role. I can get data from existing files but what I really want to do is get data from the nix runtime stuff ie: *nix app also indexes output from common system tools: top: top processes on host vmstat: memory usage info iostat: io throughput ps: all process info netstat: network status and throughput protocol: detailed network throughput interfaces: stats per link-level Ethernet interface open ports: snapshot of open ports time: clock details lsof: open files per user, process df: disk and volume usage who: current active user sessions users with privileges: users with login accounts lastlog: last login time for users who have ever logged in cpu: shows stats per CPU rlog: auditd logs translated with ausearch packages: current installed packages hardware: details of host hardware*strong text* ... View more

i kept all the defaults and I have the same OS and problem. I've tried what you said and everything is enabled and roles set and assigned correctly. Not sure whats going on? Is there anything else that can be done? ... View more