Linux/Unix Data

Linux/Unix data is collected via the Splunk Add-on for Linux and Unix (*nix).

Splunkbase Download:

Installation and Configuration Guide:

We have created a shell script that collects the list of users with normal login privileges and reports which of them have sudo privileges, and another script that collects information about the groups on each Linux/Unix machine. Download the Cyences Add-on for Splunk to enable this feature.

Splunkbase Download:

Refer to A-TA-linux_inputs App on this GitHub Repo for inputs.conf reference.
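As an added illustration (not the Cyences add-on's own collection script, which ships in the download above), the following POSIX shell script produces the kind of user/sudo inventory described earlier: accounts with an interactive login shell, each flagged with whether it holds sudo rights. It assumes sudo rights are granted through the `sudo` or `wheel` group (by primary gid or supplementary membership) or uid 0; parsing `/etc/sudoers` rules is not covered. The `user=`/`has_sudo=` field names and the sample passwd/group content are constructed for the example.

```shell
#!/bin/sh
# Added example, not the Cyences add-on's script: list accounts with an interactive
# login shell and flag the ones with sudo rights (uid 0, or sudo/wheel membership
# via primary gid or the member list in /etc/group). Output is key=value per line,
# which Splunk field extraction handles directly. File paths are arguments.
# login_users PASSWD -> "name uid gid" for accounts whose shell is not nologin/false
login_users() {
    awk -F: '$7 != "" && $7 !~ /(nologin|false)$/ { print $1, $3, $4 }' "$1"
}
# sudo_members GROUP -> space-separated supplementary members of sudo and wheel
sudo_members() {
    awk -F: '($1 == "sudo" || $1 == "wheel") && $4 != "" { gsub(",", " ", $4); printf "%s ", $4 }' "$1"
}
# sudo_gids GROUP -> space-separated gids of the sudo and wheel groups
sudo_gids() {
    awk -F: '$1 == "sudo" || $1 == "wheel" { printf "%s ", $3 }' "$1"
}
# report PASSWD GROUP -> one "user=... uid=... gid=... has_sudo=..." line per login user
report() {
    members=" $(sudo_members "$2")"
    gids=" $(sudo_gids "$2")"
    login_users "$1" | while read -r name uid gid; do
        has_sudo=false
        [ "$uid" -eq 0 ] && has_sudo=true
        case "$members" in *" $name "*) has_sudo=true ;; esac
        case "$gids" in *" $gid "*) has_sudo=true ;; esac
        echo "user=$name uid=$uid gid=$gid has_sudo=$has_sudo"
    done
}
# sample_report -> runs report over constructed (not real) passwd/group content
sample_report() {
    pw=$(mktemp); gr=$(mktemp)
    cat > "$pw" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/zsh
svc:x:1002:1002:Service:/var/svc:/bin/false
carol:x:1003:27:Carol:/home/carol:/bin/sh
EOF
    cat > "$gr" <<'EOF'
root:x:0:
sudo:x:27:alice
wheel:x:10:
EOF
    report "$pw" "$gr"
    rm -f "$pw" "$gr"
}
```

On a live host, `report /etc/passwd /etc/group` prints the same key=value lines for real accounts.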

Note: Use index=os for data collection, or update the macro definition for Linux Data (Settings > Configuration) to match the index you use.

Estimated Data Size

The total data size with the updated stanzas is less than 100 MB per Linux host per day. Exclude inputs that are not relevant to your environment.

Copyright © 2023 CrossRealms International.