Owner and group of TA NIX application/directory was root and system. Splunk forwarder was installed with some splunk user and this user didn't have the privilege, to supersede root user to execute anything, in that directory. Owner and group changed to splunk and it worked fine.
For cpu.sh script, Splunk user was made a part of adm group on AIX server and after that, it was able to execute the sar -P ALL 1 1 command present in the script.
Note: Some of the commands present in TA NIX scripts require root privileges, make sure to install the splunk forwarder as root user. In case forwarder installed with some splunk user, need to provide the proper permissions to execute those commands.
... View more