We have splunk add-on for Unix installed. But it does not show any data for "netstat" sourcetype for Soalris clients. For Linux it does. Incidentally, Linuxhosts are indexers and heavy forwarders.
/app/splunk/splunkforwarder/etc/apps/Splunk_TA_nix/bin/netstat.sh is present in Solaris client, and it does output typical netstat like output.
Why are no data displayed in Splunk Web console?
... View more