Merge in Splunk Add-On for Unix and Linux version 10.1.0

THIRDPARTY

@@ -7,9 +7,9 @@
 
 The following 3rd-party software packages may be used by or distributed with splunk-add-on-for-unix-and-linux. Any information relevant to third-party vendors listed below are collected using common, reasonable means.
 
-Date generated: 2025-1-31
+Date generated: 2025-4-25
 
-Revision ID: 79a4b3bf642285d427e11cd81adb8baaf923e0e9
+Revision ID: 54ebe4046afb33b20d0f5a24affec0e4323297b6
 
 ================================================================================
 ================================================================================
@@ -65,4 +65,4 @@ No licenses found
 --------------------------------------------------------------------------------
 --------------------------------------------------------------------------------
 
-Report Generated by FOSSA on 2025-1-31
+Report Generated by FOSSA on 2025-4-25

VERSION

@@ -1,2 +1,2 @@
-10.0.0.1
+10.1.0.0
-10.0.0.1
+10.1.0.0

app.manifest

@@ -29,7 +29,7 @@
     "id": {
       "group": null,
       "name": "TA-unix",
-      "version": "10.0.0.1"
+      "version": "10.1.0.0"
     },
     "license": {
       "name": "Splunk Software License Agreement",

bin/cpu.sh

@@ -42,17 +42,64 @@ if [ "$KERNEL" = "Linux" ] ; then
     echo "Cmd = [$CMD];  | $AWK '$FILTER $FORMAT $PRINTF' header=\"$HEADER\"" >> "$TEE_DEST"
     exit
 elif [ "$KERNEL" = "SunOS" ] ; then
-    formatted_date=$(date +"%m/%d/%y_%H:%M:%S_%Z")
+    CMD='mpstat -p 2 5'
-    if [ "$SOLARIS_8" = "true" ] || [ "$SOLARIS_9" = "true" ] ; then
+    FORMAT='
-        CMD='eval mpstat -a -p 1 2 | tail -1 | sed "s/^[ ]*0/all/"; mpstat -p 1 2 | tail -r'
+
-    else
+    function get_cpu_count(){
-        CMD='eval mpstat -aq -p 1 2 | tail -1 | sed "s/^[ ]*0/all/"; mpstat -q -p 1 2 | tail -r'
+        command = "psrinfo -p";  # Use this for Solaris
-    fi
+        command | getline cpu_count;
-    assertHaveCommand "$CMD"
+        close(command);
-    # shellcheck disable=SC2016
+        return cpu_count;
-   FILTER='($1=="CPU") {exit 1}'
+    }
-    # shellcheck disable=SC2016
+
-    FORMAT='{datetime="'"$formatted_date"'"; cpu=$1; pctUser=$(NF-4); pctNice="0"; pctSystem=$(NF-3); pctIowait=$(NF-2); pctIdle=$(NF-1)}'
+    BEGIN {
+        cpu_processed = 0;
+        user_sum = system_sum = iowait_sum = idle_sum = 0;
+        # Dynamically set CPU count
+        cpu_count = get_cpu_count();
+        last_cpu = cpu_count-1;
+    }
+
+    function get_current_time() {
+        command = "date +\"%m/%d/%y_%H:%M:%S_%Z\"";
+        command | getline datetime;
+        close(command);
+        return datetime;
+    }{
+        datetime=get_current_time();
+        cpu=$1;
+        pctUser=$(NF-4);
+        pctNice="0";
+        pctSystem=$(NF-3);
+        pctIowait=$(NF-2);
+        pctIdle=$(NF-1);
+
+        user_sum += pctUser;
+        system_sum += pctSystem;
+        iowait_sum += pctIowait;
+        idle_sum += pctIdle;
+        cpu_processed++;
+    }
+    '
+    FILTER='($0 ~ /CPU/) { if($(NF-1) ~ /gnice/){  NFIELDS=NF; } else {NFIELDS=NF+1;} next} /Average|Linux|^$|%/ {next}'
+    PRINTF='
+    {
+    if (cpu ~ /0/) {
+        print header;
+        printf "%-28s %-3s  %9s  %9s  %9s  %9s  %9s\n", datetime, cpu, pctUser, pctNice, pctSystem, pctIowait, pctIdle;
+    } else if (cpu ~ last_cpu) {
+        printf "%-28s %-3s  %9s  %9s  %9s  %9s  %9s\n", datetime, cpu, pctUser, pctNice, pctSystem, pctIowait, pctIdle;
+        printf "%-28s %-3s  %9s  %9s  %9s  %9s  %9s\n", datetime, "all", user_sum / cpu_count, pctNice, system_sum / cpu_count, iowait_sum / cpu_count, idle_sum / cpu_count;
+        cpu_processed = 0;
+        user_sum = system_sum = iowait_sum = idle_sum = 0;
+    }else{
+        printf "%-28s %-3s  %9s  %9s  %9s  %9s  %9s\n", datetime, cpu, pctUser, pctNice, pctSystem, pctIowait, pctIdle;
+    }
+    }'
+    $CMD | tee "$TEE_DEST" | $AWK "$FILTER $FORMAT $PRINTF"  header="$HEADER"
+    echo "Cmd = [$CMD];  | $AWK '$FILTER $FORMAT $PRINTF' header=\"$HEADER\"" >> "$TEE_DEST"
+    exit
+
 elif [ "$KERNEL" = "AIX" ] ; then
     queryHaveCommand mpstat
     queryHaveCommand lparstat

bin/cpu_metric.sh

@@ -7,7 +7,6 @@
 . "$(dirname "$0")"/common.sh
 
 assertHaveCommand column
-
 HEADER='Datetime                        pctUser    pctNice  pctSystem  pctIowait    pctIdle    OSName                                   OS_version  IP_address        CPU'
 HEADERIZE="BEGIN {print \"$HEADER\"}"
 PRINTF='{printf "%-28s  %9s  %9s  %9s  %9s  %9s    %-35s %15s  %-16s  %-3s\n", datetime, pctUser, pctNice, pctSystem, pctIowait, pctIdle, OSName, OS_version, IP_address,cpu}'
@@ -37,18 +36,64 @@ if [ "$KERNEL" = "Linux" ] ; then
     # shellcheck disable=SC2016
     FILTER='($0 ~ /CPU/) { if($(NF-1) ~ /gnice/){  NFIELDS=NF; } else {NFIELDS=NF+1;} next} /Average|Linux|^$|%/ {next}'
 elif [ "$KERNEL" = "SunOS" ] ; then
-    formatted_date=$(date +"%m/%d/%y_%H:%M:%S_%Z")
+    CMD='mpstat -p 2 5'
-    if [ "$SOLARIS_8" = "true" ] || [ "$SOLARIS_9" = "true" ] ; then
-        CMD='eval mpstat -a -p 1 2 | tail -1 | sed "s/^[ ]*0/all/"; mpstat -p 1 2 | tail -r'
-    else
-        CMD='eval mpstat -aq -p 1 2 | tail -1 | sed "s/^[ ]*0/all/"; mpstat -q -p 1 2 | tail -r'
-    fi
     DEFINE="-v OSName=$(uname -s) -v OS_version=$(uname -r) -v IP_address=$(ifconfig -a | grep 'inet ' | grep -v 127.0.0.1 | cut -d\  -f2 | head -n 1)"
-    assertHaveCommand "$CMD"
+    FORMAT='
-    # shellcheck disable=SC2016
+
-    FILTER='($1=="CPU") {exit 1}'
+    function get_cpu_count(){
-    # shellcheck disable=SC2016
+        command = "psrinfo -p";  # Use this for Solaris
-    FORMAT='{datetime="'"$formatted_date"'"; cpu=$1; pctUser=$(NF-4); pctNice="0"; pctSystem=$(NF-3); pctIowait=$(NF-2); pctIdle=$(NF-1);OSName=OSName;OS_version=OS_version;IP_address=IP_address;}'
+        command | getline cpu_count;
+        close(command);
+        return cpu_count;
+    }
+
+    BEGIN {
+        cpu_processed = 0;
+        user_sum = system_sum = iowait_sum = idle_sum = 0;
+        # Dynamically set CPU count
+        cpu_count = get_cpu_count();
+        last_cpu = cpu_count-1;
+    }
+
+    function get_current_time() {
+        command = "date +\"%m/%d/%y_%H:%M:%S_%Z\"";
+        command | getline datetime;
+        close(command);
+        return datetime;
+    }{
+        datetime=get_current_time();
+        cpu=$1;
+        pctUser=$(NF-4);
+        pctNice="0";
+        pctSystem=$(NF-3);
+        pctIowait=$(NF-2);
+        pctIdle=$(NF-1);
+
+        user_sum += pctUser;
+        system_sum += pctSystem;
+        iowait_sum += pctIowait;
+        idle_sum += pctIdle;
+        cpu_processed++;
+    }
+    '
+    FILTER='($0 ~ /CPU/) { if($(NF-1) ~ /gnice/){  NFIELDS=NF; } else {NFIELDS=NF+1;} next} /Average|Linux|^$|%/ {next}'
+    PRINTF='
+    {
+    if (cpu ~ /0/) {
+        print header;
+        {printf "%-28s  %9s  %9s  %9s  %9s  %9s    %-35s %15s  %-16s  %-3s\n", datetime, pctUser, pctNice, pctSystem, pctIowait, pctIdle, OSName, OS_version, IP_address,cpu}
+    } else if (cpu ~ last_cpu) {
+        {printf "%-28s  %9s  %9s  %9s  %9s  %9s    %-35s %15s  %-16s  %-3s\n", datetime, pctUser, pctNice, pctSystem, pctIowait, pctIdle, OSName, OS_version, IP_address,cpu}
+        printf "%-28s  %9s  %9s  %9s  %9s  %9s    %-35s %15s  %-16s  %-3s\n", datetime, user_sum / cpu_count, pctNice, system_sum / cpu_count, iowait_sum / cpu_count, idle_sum / cpu_count, OSName, OS_version, IP_address, "all";
+        cpu_processed = 0;
+        user_sum = system_sum = iowait_sum = idle_sum = 0;
+    }else{
+        {printf "%-28s  %9s  %9s  %9s  %9s  %9s    %-35s %15s  %-16s  %-3s\n", datetime, pctUser, pctNice, pctSystem, pctIowait, pctIdle, OSName, OS_version, IP_address,cpu}
+    }
+    }'
+    $CMD | tee "$TEE_DEST" | $AWK $DEFINE "$FILTER $FORMAT $FILL_DIMENSIONS $PRINTF" header="$HEADER"
+    echo "Cmd = [$CMD];  | $AWK $DEFINE '$FILTER $FORMAT $FILL_DIMENSIONS $PRINTF' header=\"$HEADER\"" >>"$TEE_DEST"
+    exit
 elif [ "$KERNEL" = "AIX" ] ; then
     queryHaveCommand mpstat
     queryHaveCommand lparstat

bin/df.sh

@@ -120,9 +120,46 @@ elif [ "$KERNEL" = "AIX" ] ; then
 	assertHaveCommandGivenPath /usr/bin/df
 	CMD='eval /usr/sysv/bin/df -n ; /usr/bin/df -kP -F %u %f %z %l %n %p %m'
 
-	# Normalize Size, Used and Avail columns
+	#Maps fsType
 	# shellcheck disable=SC2016
-	NORMALIZE='
+	MAP_FS_TO_TYPE='/: / {
+        key = "";
+        value = "";
+        foundColon = 0;
+
+        for (i = 1; i <= NF; i++) {
+            if (!foundColon) {
+                if ($i ~ /:$/) {
+                    clean = $i;
+                    sub(/:$/, "", clean);
+                    if (clean != "") {
+                        key = (key ? key " " : "") clean;
+                    }
+                    foundColon = 1;
+                } else {
+                    if ($i != "") {
+                        key = (key ? key " " : "") $i;
+                    }
+                }
+            } else if ($i ~ /[a-zA-Z0-9]/ && value == "") {
+                value = $i;
+            }
+        }
+
+        gsub(/ /, "&nbsp;", key);
+
+        fsTypes[key] = value;
+    }'
+
+
+	# shellcheck disable=SC2016
+	BEGIN='BEGIN {
+        OFS = "\t";
+        printedHeader = 0;
+    }'
+	# Append Type and Inode headers to the main header and print respective fields from values stored in MAP_FS_TO_TYPE variables
+	# shellcheck disable=SC2016
+	PRINTF='
 	function fromKB(KB) {
 		MB = KB/1024;
 		if (MB<1024) return MB "M";
@@ -131,66 +168,78 @@ elif [ "$KERNEL" = "AIX" ] ; then
 		TB = GB/1024; return TB "T"
 	}
 	{
-		if($0 ~ /^Filesystem.*/){
+        if ($0 ~ /^Filesystem.*/) {
-			for(i=1;i<=NF;i++){
+            if (!printedHeader) {
-				if($i=="1024-blocks") {sizeCol=i; sizeFlag=1;}
+                sub("%iused", "IUsePct", $0);
-				if($i=="Used") {usedCol=i; usedFlag=1;}
+                header_field_count = NF;
-				if($i=="Available") {availCol=i; availFlag=1;}
-			}
-		}
-		if(!($0 ~ /^Filesystem.*/) && sizeFlag==1)
-			$sizeCol=fromKB($sizeCol);
-		if(!($0 ~ /^Filesystem.*/) && usedFlag==1)
-			$usedCol=fromKB($usedCol);
-		if(!($0 ~ /^Filesystem.*/) && availFlag==1)
-			$availCol=fromKB($availCol);
-	}'
 
-	#Maps fsType
+                for (i = 1; i <= NF; i++) {
-	# shellcheck disable=SC2016
+                    if ($i == "iused") iusedCol = i;
-	MAP_FS_TO_TYPE='/: / {
+                    if ($i == "ifree") ifreeCol = i;
-		for(i=1;i<=NF;i++){
+                    if ($i == "Mounted" && $(i + 1) == "on") {
-			if($i ~ /^\/.*/)
+                        mountedCol = i;
-				keyCol=i;
+                        sub("Mounted on", "MountedOn", $0);
-			else if($i ~ /[a-zA-Z0-9]/)
+                    }
-				valueCol=i;
                 }
-		if($keyCol ~ /^\/.*:/)
-			fsTypes[substr($keyCol,1,length($keyCol)-1)] = $valueCol;
-		else
-			fsTypes[$keyCol]=$valueCol;
-	}'
 
-	# shellcheck disable=SC2016
+                $(NF + 1) = "Type";
-	BEGIN='BEGIN { OFS = "\t" }'
+                $(NF + 1) = "INodes";
-	# Append Type and Inode headers to the main header and print respective fields from values stored in MAP_FS_TO_TYPE variables
+                printf "%-50s %-8s %-8s %-8s %-10s %-8s %-8s %-7s %-25s %-10s %-8s\n",
-	# shellcheck disable=SC2016
+                    "Filesystem", "Size", "Used", "Avail", "Capacity",
-	PRINTF='
+                    "iused", "ifree", "IUsePct","MountedOn", "Type", "INodes";
-	{
+                printedHeader = 1;
-		if($0 ~ /^Filesystem.*/){
+            }
-			sub("%Iused","IUsePct",$0);
+            next;
-			for(i=1;i<=NF;i++){
+        }
-				if($i=="Iused") iusedCol=i;
-				if($i=="Ifree") ifreeCol=i;
 
-				if($i=="Mounted" && $(i+1)=="on"){
+        if (NF >= 8 && $0 !~ /\(.*\)/ && $0 !~ /^.* on \/.* \(/) {
-					mountedCol=i;
+            found = 0
-					sub("Mounted on","MountedOn",$0);
+            for (i = 1; i <= NF - 6; i++) {
+                cond =  ($(i)     ~ /^[0-9.]+[KMGTPBi]*$/ || $(i)     == "-") &&
+                        ($(i+1)   ~ /^[0-9.]+[KMGTPBi]*$/ || $(i+1)   == "-") &&
+                        ($(i+2)   ~ /^[0-9.]+[KMGTPBi]*$/ || $(i+2)   == "-") &&
+                        ($(i+3)   ~ /^[0-9]+%$/          || $(i+3)   == "-") &&
+                        ($(i+4)   ~ /^[0-9]+(\.[0-9]+)?[kMGTPBi]?$/ || $(i+4) == "-") &&
+                        ($(i+5)   ~ /^[0-9]+(\.[0-9]+)?[kMGTPBi]?$/ || $(i+5) == "-") &&
+                        ($(i+6)   ~ /^[0-9]+%$/          || $(i+6)   == "-")
+                if (cond) {
+                    start = i
+                    found = 1
+                    break
                 }
             }
-			$(NF+1)="Type";
+
-			$(NF+1)="INodes";
+            if (!found) {
-			print $0;
+                next
             }
+
+            fs = $1
+            for (j = 2; j < start; j++) {
+				print($j)
+                fs = fs "&nbsp;" $j
             }
-	{
+            gsub("^/dev/", "", fs);
-		for(i=1;i<=NF;i++)
+            gsub("s[0-9]+$", "", fs);
-		{
+
-			if($i ~ /^\/\S*/ && i==mountedCol && !(fsTypes[$mountedCol]~/(devfs|ctfs|proc|mntfs|objfs|lofs|fd|tmpfs)/) && !($0 ~ /.*\/proc.*/)){
+            size     = fromKB($(start))
-				$(NF+1)=fsTypes[$mountedCol];
+            used     = fromKB($(start + 1))
-				$(NF+1)=$iusedCol+$ifreeCol;
+            avail    = fromKB($(start + 2))
-				print $0;
+            capacity = $(start + 3)
+            iused    = $(start + 4)
+            ifree    = $(start + 5)
+            iusepct  = $(start + 6)
+
+            mounted = $(start + 7)
+            for (k = start + 8; k <= NF; k++) {
+                mounted = mounted "&nbsp;" $k
             }
+
+            fstype = (mounted in fsTypes) ? fsTypes[mounted] : "-";
+            inodes = iused + ifree;
+
+            printf "%-50s %-8s %-8s %-8s %-10s %-8s %-8s %-7s %-25s %-10s %-8s\n",
+            fs, size, used, avail, capacity,
+            iused, ifree, iusepct, mounted, fstype, inodes;
         }
     }'
 
@@ -215,25 +264,116 @@ elif [ "$KERNEL" = "Darwin" ] ; then
 	assertHaveCommand df
 	CMD='eval mount -t nocddafs,autofs,devfs,fdesc,nfs; df -h -T nocddafs,autofs,devfs,fdesc,nfs'
 	# shellcheck disable=SC2016
-	BEGIN='BEGIN { OFS = "\t" }'
+    BEGIN='BEGIN {
+        OFS = "\t";
+        printedHeader = 0;
+    }'
 	#Maps fsType
 	# shellcheck disable=SC2016
     MAP_FS_TO_TYPE='/ on / {
+        key = "";
+        value = "";
+
         for (i = 1; i <= NF; i++) {
-			if ($i == "on" && $(i + 1) ~ /^\/.*/)
+            if ($i == "on") {
-				key=$(i+1);
+                # Start capturing key from the next field
-			if($i ~ /^\(/)
+                j = i + 1;
-				value = substr($i, 2, length($i) - 2);
+                while (j <= NF && $(j) !~ /^\(/) {
+                    key = (key == "") ? $(j) : key " " $(j);
+                    j++;
                 }
+            }
+
+            if ($i ~ /^\(/) {
+                value = substr($i, 2);  # Remove starting (
+                # Optionally remove trailing comma/parenthesis if needed
+                if (substr(value, length(value), 1) == "," || substr(value, length(value), 1) == ")") {
+                    value = substr(value, 1, length(value)-1);
+                }
+            }
+        }
+
+        gsub(/ /, "&nbsp;", key);  # Replace spaces with &nbsp;
         fsTypes[key] = value;
     }'
-	PRINTF='/^Filesystem/ {
+	# Append Type and Inode headers to the main header and print respective fields from values stored in MAP_FS_TO_TYPE variables
-		printf "Filesystem\tType\tSize\tUsed\tAvail\tUse%%\tInodes\tIUsed\tIFree\tIUse%%\tMountedOn\n";
+	# shellcheck disable=SC2016
+    PRINTF='{
+        if ($0 ~ /^Filesystem.*/) {
+            if (!printedHeader) {
+                sub("%iused", "IUsePct", $0);
+                header_field_count = NF;
+
+                for (i = 1; i <= NF; i++) {
+                    if ($i == "iused") iusedCol = i;
+                    if ($i == "ifree") ifreeCol = i;
+                    if ($i == "Mounted" && $(i + 1) == "on") {
+                        mountedCol = i;
+                        sub("Mounted on", "MountedOn", $0);
+                    }
+                }
+
+                $(NF + 1) = "Type";
+                $(NF + 1) = "INodes";
+                printf "%-50s %-8s %-8s %-8s %-10s %-8s %-8s %-7s %-25s %-10s %-8s\n",
+                    "Filesystem", "Size", "Used", "Avail", "Capacity",
+                    "iused", "ifree", "IUsePct","MountedOn", "Type", "INodes";
+                printedHeader = 1;
+            }
+            next;
+        }
+
+        if (NF >= 8 && $0 !~ /\(.*\)/ && $0 !~ /^.* on \/.* \(/) {
+            found = 0
+            for (i = 1; i <= NF - 6; i++) {
+                cond =  ($(i)     ~ /^[0-9.]+[KMGTPBi]*$/ || $(i)     == "-") &&
+                        ($(i+1)   ~ /^[0-9.]+[KMGTPBi]*$/ || $(i+1)   == "-") &&
+                        ($(i+2)   ~ /^[0-9.]+[KMGTPBi]*$/ || $(i+2)   == "-") &&
+                        ($(i+3)   ~ /^[0-9]+%$/          || $(i+3)   == "-") &&
+                        ($(i+4)   ~ /^[0-9]+(\.[0-9]+)?[kMGTPBi]?$/ || $(i+4) == "-") &&
+                        ($(i+5)   ~ /^[0-9]+(\.[0-9]+)?[kMGTPBi]?$/ || $(i+5) == "-") &&
+                        ($(i+6)   ~ /^[0-9]+%$/          || $(i+6)   == "-")
+                if (cond) {
+                    start = i
+                    found = 1
+                    break
+                }
+            }
+
+            if (!found) {
+                next
+            }
+
+            fs = $1
+            for (j = 2; j < start; j++) {
+                fs = fs "&nbsp;" $j
+            }
+            gsub("^/dev/", "", fs);
+            gsub("s[0-9]+$", "", fs);
+
+            size     = $(start)
+            used     = $(start + 1)
+            avail    = $(start + 2)
+            capacity = $(start + 3)
+            iused    = $(start + 4)
+            ifree    = $(start + 5)
+            iusepct  = $(start + 6)
+
+            mounted = $(start + 7)
+            for (k = start + 8; k <= NF; k++) {
+                mounted = mounted "&nbsp;" $k
+            }
+
+            fstype = (mounted in fsTypes) ? fsTypes[mounted] : "-";
+            inodes = iused + ifree;
+
+            printf "%-50s %-8s %-8s %-8s %-10s %-8s %-8s %-7s %-25s %-10s %-8s\n",
+            fs, size, used, avail, capacity,
+            iused, ifree, iusepct, mounted, fstype, inodes;
         }
-	$0 !~ /^Filesystem/ && $0 !~ / on / {
-		printf "%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n", $1, fsTypes[$NF], $2, $3, $4, $5, $6+$7, $6, $7, $8, $9;
     }'
 
+
 elif [ "$KERNEL" = "OpenBSD" ] ; then
 	assertHaveCommand mount
 	assertHaveCommand df

bin/hardware.sh

@@ -17,7 +17,7 @@ if [ "$KERNEL" = "Linux" ] ; then
 	CPU_TYPE=$(awk -F: '/model name/ {print $2; exit}' /proc/cpuinfo   2>>"$TEE_DEST")
 	CPU_CACHE=$(awk -F: '/cache size/ {print $2; exit}' /proc/cpuinfo  2>>"$TEE_DEST")
 	CPU_COUNT=$(grep -c processor /proc/cpuinfo                        2>>"$TEE_DEST")
-	[ -z "$CPU_TYPE" ] && [ -r /proc/device-tree/compatible ] && CPU_TYPE=$(cat /proc/device-tree/compatible | tr '\0' ',')
+	[ -z "$CPU_TYPE" ] && [ -r /proc/device-tree/compatible ] && CPU_TYPE=$(cat /proc/device-tree/compatible | sed 's/\0/,/g;s/,$//')
 	# HDs
 	# shellcheck disable=SC2010
 	for deviceBasename in $(ls /sys/block | grep -E -v '^(dm|md|ram|sr|loop)')

bin/iostat.sh

@@ -10,17 +10,17 @@
 assertHaveCommand column
 
 if [ "$KERNEL" = "Linux" ] ; then
-	CMD='iostat -xky 1 1'
+	CMD='iostat -xky 60 1'
 	assertHaveCommand "$CMD"
 	# considers the device, r/s and w/s columns and returns output of the first interval
 	FILTER='/Device/ && /r\/s/ && /w\/s/ {f=1;}f'
 elif [ "$KERNEL" = "SunOS" ] ; then
-	CMD='iostat -xn 1 2'
+	CMD='iostat -xn 60 2'
 	assertHaveCommand "$CMD"
 	# considers the device, r/s and w/s columns and returns output of the second interval
 	FILTER='/device/ && /r\/s/ && /w\/s/ {f++;} f==2'
 elif [ "$KERNEL" = "AIX" ] ; then
-	CMD='iostat  1 2'
+	CMD='iostat  60 2'
 	assertHaveCommand "$CMD"
 	# considers the disks, kb_read and kb_wrtn columns and returns output of the second interval
 	FILTER='/^cd/ {next} /Disks/ && /Kb_read/ && /Kb_wrtn/ {f++;} f==2'
@@ -31,7 +31,7 @@ elif [ "$KERNEL" = "OpenBSD" ] ; then
 	HEADERIZE="BEGIN {print \"$HEADER\"}"
 	FILTER=$HEADERIZE'/^[^ \t]/ && !/^(DEVICE|Totals)/{printf "%-7s %.2f  %.2f  %d    %d\n", $1, $2/1024, $3/1024, $4, $5}'
 elif [ "$KERNEL" = "FreeBSD" ] ; then
-	CMD='iostat -x -c 2'
+	CMD='iostat -x -c 2 -w 60'
 	assertHaveCommand "$CMD"
 	# considers the device, r/s and w/s columns and returns output of the second interval
 	FILTER='/device/ && /r\/s/ && /w\/s/ {f++;} f==2'

bin/iostat_metric.sh

@@ -11,7 +11,7 @@
 assertHaveCommand column
 
 if [ "$KERNEL" = "Linux" ] ; then
-	CMD='iostat -xky 1 1'
+	CMD='iostat -xky 60 1'
 	assertHaveCommand "$CMD"
 	if [ ! -f "/etc/os-release" ] ; then
         DEFINE="-v OSName=$(cat /etc/*release | head -n 1| awk -F" release " '{print $1}'| tr ' ' '_') -v OS_version=$(cat /etc/*release | head -n 1| awk -F" release " '{print $2}' | cut -d\. -f1) -v IP_address=$(ip -4 route show default | awk '{print $9}')"
@@ -22,7 +22,7 @@ if [ "$KERNEL" = "Linux" ] ; then
 	# shellcheck disable=SC2016
     PRINTF='{if ($0~/Device/) {printf "%s OSName OS_version IP_address \n", $0} else if (NF!=0) {printf "%s %s %s %s\n", $0, OSName, OS_version, IP_address}}'
 elif [ "$KERNEL" = "SunOS" ] ; then
-	CMD='iostat -xn 1 2'
+	CMD='iostat -xn 60 2'
 	# jscpd:ignore-start
 	assertHaveCommand "$CMD"
     DEFINE="-v OSName=$(uname -s) -v OS_version=$(uname -r) -v IP_address=$(ifconfig -a | grep 'inet ' | grep -v 127.0.0.1 | cut -d\  -f2 | head -n 1)"
@@ -31,7 +31,7 @@ elif [ "$KERNEL" = "SunOS" ] ; then
 	PRINTF='{if ($0~/device/ && /r\/s/ && /w\/s/) {printf "%s OSName OS_version IP_address \n", $0} else if (NF!=0) {printf "%s %s %s %s\n", $0, OSName, OS_version, IP_address}}'
 	# jscpd:ignore-end
 elif [ "$KERNEL" = "AIX" ] ; then
-	CMD='iostat  1 2'
+	CMD='iostat  60 2'
 	assertHaveCommand "$CMD"
     DEFINE="-v OSName=$(uname -s) -v OS_version=$(oslevel -r | cut -d'-' -f1) -v IP_address=$(ifconfig -a | grep 'inet ' | grep -v 127.0.0.1 | cut -d\  -f2 | head -n 1)"
 	FILTER='/^cd/ {next} /Disks/ && /Kb_read/ && /Kb_wrtn/ {f++;} f==2'
@@ -45,7 +45,7 @@ elif [ "$KERNEL" = "OpenBSD" ] ; then
 	HEADERIZE="BEGIN {print \"$HEADER\"}"
 	FILTER=$HEADERIZE'/^[^ \t]/ && !/^(DEVICE|Totals)/{printf "%-7s %.2f  %.2f  %d    %d     %s  %s        %s\n", $1, $2/1024, $3/1024, $4, $5, OSName, OS_version, IP_address}'
 elif [ "$KERNEL" = "FreeBSD" ] ; then
-	CMD='iostat -x -c 2'
+	CMD='iostat -x -c 2 -w 60'
 	assertHaveCommand "$CMD"
     DEFINE="-v OSName=$(uname -s) -v OS_version=$(uname -r) -v IP_address=$(ifconfig -a | grep 'inet ' | grep -v 127.0.0.1 | cut -d\  -f2 | head -n 1)"
 	FILTER='/device/ && /r\/s/ && /w\/s/ {f++;} f==2'

bin/lsof.sh

@@ -21,7 +21,8 @@ if [[ "$KERNEL" = "Linux" ]] || [[ "$KERNEL" = "HP-UX" ]] || [[ "$KERNEL" = "Dar
 		# shellcheck disable=SC2016
 		FILTER='/KQUEUE|PIPE|PSXSEM/ {next}'
 	elif [ "$KERNEL" = "FreeBSD" ] ; then
-		if [[ $KERNEL_RELEASE =~ 11.* ]] || [[ $KERNEL_RELEASE =~ 12.* ]] || [[ $KERNEL_RELEASE =~ 13.* ]]; then
+        major=${KERNEL_RELEASE%%.*}
+        if ((major >= 13)); then
 			# empty condition to allow the execution of script as is
 			echo > /dev/null
 		else

bin/nfsiostat.sh

@@ -50,7 +50,7 @@ if [ "$KERNEL" = "Linux" ] ; then
     then
         # shellcheck disable=SC2016
         OS_RELEASE=$(awk -F= '/^ID=/ {gsub(/"/, "", $2); id=$2} /^VERSION_ID=/ {gsub(/"/, "", $2); ver=$2} END {print id ":" ver}' "$OS_FILE")
-        if [ "$OS_RELEASE" = "ubuntu:18.04" ] || [ "$OS_RELEASE" = "ubuntu:20.04" ] || [ "$OS_RELEASE" = "ubuntu:22.04" ] || [ "$OS_RELEASE" = "rocky:9.5" ] || [ "$OS_RELEASE" = "almalinux:9.5" ] || [ "$OS_RELEASE" = "ol:8.9" ] ; then # Ubuntu 18.04, 20.04 and 22.04 # Rocky or AlmaLinux 9.5 # Oracle Linux 8.9
+        if [ "$OS_RELEASE" = "ubuntu:18.04" ] || [ "$OS_RELEASE" = "ubuntu:20.04" ] || [ "$OS_RELEASE" = "ubuntu:22.04" ] || [ "$OS_RELEASE" = "ubuntu:24.04" ] || [ "$OS_RELEASE" = "rocky:9.5" ] || [ "$OS_RELEASE" = "almalinux:9.5" ] || [ "$OS_RELEASE" = "ol:8.9" ] ; then # Ubuntu 18.04, 20.04 and 22.04 # Rocky or AlmaLinux 9.5 # Oracle Linux 8.9
             # shellcheck disable=SC2016
             FORMAT='{
                 if (NR%10==2){

bin/ps.sh

@@ -6,15 +6,18 @@
 . "$(dirname "$0")"/common.sh
 
 # shellcheck disable=SC2166
-if [ "$KERNEL" = "Linux" -o "$KERNEL" = "Darwin" -o "$KERNEL" = "FreeBSD" -o "$KERNEL" = "OpenBSD" ] ; then
+if [ "$KERNEL" = "Linux" ] ; then
     assertHaveCommand ps
-    CMD='ps auxww'
+    CMD='ps -wweo user,pid,%cpu,%mem,vsz,rss,tname,stat,start_time,bsdtime,etime,command'
 elif [ "$KERNEL" = "AIX" ] ; then
     assertHaveCommandGivenPath /usr/sysv/bin/ps
     CMD='/usr/sysv/bin/ps -eo user,pid,psr,pcpu,time,pmem,rss,vsz,tty,s,etime,args'
 elif [ "$KERNEL" = "SunOS" ] ; then
     assertHaveCommandGivenPath /usr/bin/ps
     CMD='/usr/bin/ps -eo user,pid,psr,pcpu,time,pmem,rss,vsz,tty,s,etime,args'
+elif [ "$KERNEL" = "Darwin" ] ; then
+    assertHaveCommand ps
+    CMD='ps axo user,pid,%cpu,cputime,%mem,rss,vsz,tt,state,start,etime,command'
 elif [ "$KERNEL" = "HP-UX" ] ; then
     HEADER='USER               PID   PSR   pctCPU       CPUTIME  pctMEM     RSZ_KB     VSZ_KB   TTY      S       ELAPSED  COMMAND             ARGS'
     # shellcheck disable=SC2016
@@ -35,6 +38,9 @@ elif [ "$KERNEL" = "HP-UX" ] ; then
     $CMD | tee "$TEE_DEST" | $AWK "$HEADERIZE $FORMAT $PRINTF"  header="$HEADER"
     echo "Cmd = [$CMD];  | $AWK '$HEADERIZE $FORMAT $PRINTF' header=\"$HEADER\"" >> "$TEE_DEST"
     exit
+elif [ "$KERNEL" = "FreeBSD" -o "$KERNEL" = "OpenBSD" ] ; then
+    assertHaveCommand ps
+    CMD='ps axo user,pid,%cpu,cputime,%mem,rss,vsz,tt,state,start,etime,command'
 fi
 
 # shellcheck disable=SC2016

bin/ps_metric.sh

@@ -8,19 +8,19 @@
 . "$(dirname "$0")"/common.sh
 
 # shellcheck disable=SC2166
-if [ "$KERNEL" = "Linux" -o "$KERNEL" = "Darwin" -o "$KERNEL" = "FreeBSD" -o "$KERNEL" = "OpenBSD" ] ; then
+if [ "$KERNEL" = "Linux" ] ; then
     assertHaveCommand ps
-    CMD='ps auxww'
+    CMD='ps -wweo user,pid,%cpu,%mem,vsz,rss,tname,stat,start_time,bsdtime,etime,command'
-    if [ "$KERNEL" = "Linux" ] ; then
     if [ ! -f "/etc/os-release" ] ; then
-            DEFINE="-v OSName=$(cat /etc/*release | head -n 1| awk -F" release " '{print $1}'| tr ' ' '_') -v OS_version=$(cat /etc/*release | head -n 1| awk -F" release " '{print $2}' | cut -d\. -f1) -v IP_address=$(ip -4 route show default | awk '{print $9}') -v IPv6_Address=$(ip -6 -brief address show scope global | xargs | cut -d ' ' -f 3 | cut -d '/' -f 1)"
+        DEFINE="-v OSName=$(cat /etc/*release | head -n 1| awk -F" release " '{print $1}'| tr ' ' '_') -v OS_version=$(cat /etc/*release | head -n 1| awk -F" release " '{print $2}' | cut -d\. -f1) -v IP_address=$(hostname -I | cut -d\  -f1) -v IPv6_Address=$(ip -6 -brief address show scope global | xargs | cut -d ' ' -f 3 | cut -d '/' -f 1)"
     else
-            DEFINE="-v OSName=$(cat /etc/*release | grep '\bNAME=' | cut -d '=' -f2 | tr ' ' '_' | cut -d\" -f2) -v OS_version=$(cat /etc/*release | grep -E '\b(VERSION|BUILD)_ID=' | cut -d '=' -f2 | cut -d\" -f2) -v IP_address=$(ip -4 route show default | awk '{print $9}') -v IPv6_Address=$(ip -6 -brief address show scope global | xargs | cut -d ' ' -f 3 | cut -d '/' -f 1)"
+        DEFINE="-v OSName=$(cat /etc/*release | grep '\bNAME=' | cut -d '=' -f2 | tr ' ' '_' | cut -d\" -f2) -v OS_version=$(cat /etc/*release | grep '\bVERSION_ID=' | cut -d '=' -f2 | cut -d\" -f2) -v IP_address=$(hostname -I | cut -d\  -f1) -v IPv6_Address=$(ip -6 -brief address show scope global | xargs | cut -d ' ' -f 3 | cut -d '/' -f 1)"
     fi
-    elif [ "$KERNEL" = "Darwin" -o "$KERNEL" = "FreeBSD" -o "$KERNEL" = "OpenBSD" ] ; then
+elif [ "$KERNEL" = "Darwin" -o "$KERNEL" = "FreeBSD" -o "$KERNEL" = "OpenBSD" ] ; then
+    assertHaveCommand ps
+    CMD='ps axo user,pid,%cpu,%mem,vsz,rss,tt,state,start,cputime,etime,command'
     # Filters have been applied to get rid of IPv6 addresses designated for special usage to extract only the global IPv6 address.
     DEFINE="-v OSName=$(uname -s) -v OS_version=$(uname -r) -v IP_address=$(ifconfig -a | grep 'inet ' | grep -v 127.0.0.1 | cut -d\  -f2 | head -n 1) -v IPv6_Address=$(ifconfig -a | grep inet6 | grep -v ' ::1 ' | grep -v ' ::1/' | grep -v ' ::1%' | grep -v ' fe80::' | grep -v ' 2002::' | grep -v ' ff00::' | head -n 1 | xargs | cut -d '/' -f 1 | cut -d '%' -f 1 | cut -d ' ' -f 2)"
-    fi
 elif [ "$KERNEL" = "AIX" ] ; then
     assertHaveCommandGivenPath /usr/sysv/bin/ps
     CMD='/usr/sysv/bin/ps -eo user,pid,psr,pcpu,time,pmem,rss,vsz,tty,s,etime,args'

bin/rlog.sh

@@ -18,7 +18,8 @@ else
 fi
 CURRENT_AUDIT_FILE=/var/log/audit/audit.log # For handling upgrade scenarios
 TMP_ERROR_FILTER_FILE=$(mktemp) # For filering out "no matches" error from stderr
-AUDIT_FILE="/var/log/audit/audit.log*"
+AUDIT_LOG_DIR="/var/log/audit"
+AUDIT_FILES=$(ls -1 "${AUDIT_LOG_DIR}"/audit.log "${AUDIT_LOG_DIR}"/audit.log.[0-9]* 2>/dev/null | sort -V)
 
 if [ "$KERNEL" = "Linux" ] ; then
     assertHaveCommand service
@@ -28,25 +29,32 @@ if [ "$KERNEL" = "Linux" ] ; then
 
             if [ -e "$SEEK_FILE" ] ; then
                 SEEK_TIME=$(head -1 "$SEEK_FILE")
+                for AUDIT_FILE in $AUDIT_FILES; do
                     # shellcheck disable=SC2086
-                awk " { print } " $AUDIT_FILE | /sbin/ausearch -i -ts $SEEK_TIME -te $CURRENT_TIME 2>$TMP_ERROR_FILTER_FILE | grep -v "^----";
+                    /sbin/ausearch -i -ts $SEEK_TIME -te $CURRENT_TIME -if "$AUDIT_FILE" 2>"$TMP_ERROR_FILTER_FILE" | grep -v "^----"
                     # shellcheck disable=SC2086
-                grep -v "<no matches>" < $TMP_ERROR_FILTER_FILE 1>&2
+                    grep -v "<no matches>" <"$TMP_ERROR_FILTER_FILE" 1>&2
+                done
 
             elif [ -e "$OLD_SEEK_FILE" ] ; then
                 rm -rf "$OLD_SEEK_FILE" # remove previous checkpoint
+                for AUDIT_FILE in $AUDIT_FILES; do
                     # start ingesting from the first entry of current audit file
                     # shellcheck disable=SC2086
-                awk ' { print } ' $CURRENT_AUDIT_FILE | /sbin/ausearch -i -te $CURRENT_TIME 2>$TMP_ERROR_FILTER_FILE | grep -v "^----";
+                    /sbin/ausearch -i -te $CURRENT_TIME -if "$AUDIT_FILE" 2>"$TMP_ERROR_FILTER_FILE" | grep -v "^----"
                     # shellcheck disable=SC2086
-                grep -v "<no matches>" <$TMP_ERROR_FILTER_FILE 1>&2
+                    grep -v "<no matches>" <"$TMP_ERROR_FILTER_FILE" 1>&2
+                done
 
             else
                 # no checkpoint found
+                for AUDIT_FILE in $AUDIT_FILES; do
                     # shellcheck disable=SC2086
-                awk " { print } " $AUDIT_FILE | /sbin/ausearch -i -te $CURRENT_TIME 2>$TMP_ERROR_FILTER_FILE | grep -v "^----";
+                    /sbin/ausearch -i -te $CURRENT_TIME -if "$AUDIT_FILE" 2>"$TMP_ERROR_FILTER_FILE" | grep -v "^----"
                     # shellcheck disable=SC2086
-                grep -v "<no matches>" <$TMP_ERROR_FILTER_FILE 1>&2
+                    grep -v "<no matches>" <"$TMP_ERROR_FILTER_FILE" 1>&2
+                done
+
             fi
             echo "$CURRENT_TIME" > "$SEEK_FILE" # Checkpoint+
 

bin/vmstat.sh

@@ -22,6 +22,11 @@ if [ "$KERNEL" = "Linux" ] ; then
 	assertHaveCommand ps
 	assertHaveCommand vmstat
 	assertHaveCommand sar
+	PAGE_SIZE=$(getconf PAGE_SIZE)
+	HEADERIZE="BEGIN {
+			print \"$HEADER\"
+			pageSize = $PAGE_SIZE
+			}"
 	# shellcheck disable=SC2016
 	CMD='eval uptime ; ps -e | wc -l ; ps -eT | wc -l ; vmstat -s ; `dirname $0`/hardware.sh; sar -B 1 2; sar -I SUM 1 2'
 	# shellcheck disable=SC2016
@@ -29,7 +34,7 @@ if [ "$KERNEL" = "Linux" ] ; then
 	# shellcheck disable=SC2016
 	PARSE_1='/total memory$/ {memTotalMB=$1/1024} /free memory$/ {memFreeMB+=$1/1024} /buffer memory$/ {memFreeMB+=$1/1024} /swap cache$/ {memFreeMB+=$1/1024}'
 	# shellcheck disable=SC2016
-	PARSE_2='/(K|pages) paged out$/ {pgPageOut=$1} /used swap$/ {swapUsed=$1} /free swap$/ {swapFree=$1} /pages swapped out$/ {pgSwapOut=$1}'
+	PARSE_2='/pages paged out$/ {pgPageOut=$1} /K paged out$/ {pgPageOut=int($1*1024/pageSize)} /used swap$/ {swapUsed=$1} /free swap$/ {swapFree=$1} /pages swapped out$/ {pgSwapOut=$1}'
 	# shellcheck disable=SC2016
 	PARSE_3='/interrupts$/ {interrupts=$1} /CPU context switches$/ {cSwitches=$1} /forks$/ {forks=$1}'
 	# shellcheck disable=SC2016
@@ -67,9 +72,9 @@ elif [ "$KERNEL" = "SunOS" ] ; then
 	# Sample output: http://opensolarisforum.org/man/man1/sar.html
 	if [ "$SOLARIS_10" = "true" ] || [ "$SOLARIS_11" = "true" ] ; then
 		# shellcheck disable=SC2016
-		PARSE_6='($1 ~ "atch*") {nr[NR+3]} NR in nr {pgPageIn_PS=$3;}'
+		PARSE_6='($1 ~ "atch*") {nr[NR+10]} NR in nr {pgPageIn_PS=$4;}'
 		# shellcheck disable=SC2016
-		PARSE_7='($3 ~ "ppgout*") {nr2[NR+3]} NR in nr2 {pgPageOut_PS=$3}'
+		PARSE_7='($3 ~ "ppgout*") {nr2[NR+10]} NR in nr2 {pgPageOut_PS=$3}'
 	else
 		# shellcheck disable=SC2016
 		PARSE_6='($3 ~ "atch*") {nr[NR+3]} NR in nr {pgPageIn_PS=$5}'

bin/vmstat_metric.sh

@@ -26,16 +26,16 @@ if [ "$KERNEL" = "Linux" ] ; then
 	# shellcheck disable=SC2016
 	CMD='eval uptime ; ps -e | wc -l ; ps -eT | wc -l ; vmstat -s ; `dirname $0`/hardware.sh; sar -B 1 2; sar -I SUM 1 2'
 	if [ ! -f "/etc/os-release" ] ; then
-        DEFINE="-v OSName=$(cat /etc/*release | head -n 1| awk -F" release " '{print $1}'| tr ' ' '_') -v OS_version=$(cat /etc/*release | head -n 1| awk -F" release " '{print $2}' | cut -d\. -f1) -v IP_address=$(ip -4 route show default | awk '{print $9}')"
+        DEFINE="-v OSName=$(cat /etc/*release | head -n 1| awk -F" release " '{print $1}'| tr ' ' '_') -v OS_version=$(cat /etc/*release | head -n 1| awk -F" release " '{print $2}' | cut -d\. -f1) -v IP_address=$(hostname -I | cut -d\  -f1) -v PAGE_SIZE=$(getconf PAGE_SIZE)"
     else
-        DEFINE="-v OSName=$(cat /etc/*release | grep '\bNAME=' | cut -d '=' -f2 | tr ' ' '_' | cut -d\" -f2) -v OS_version=$(cat /etc/*release | grep -E '\b(VERSION|BUILD)_ID=' | cut -d '=' -f2 | cut -d\" -f2) -v IP_address=$(ip -4 route show default | awk '{print $9}')"
+        DEFINE="-v OSName=$(cat /etc/*release | grep '\bNAME=' | cut -d '=' -f2 | tr ' ' '_' | cut -d\" -f2) -v OS_version=$(cat /etc/*release | grep '\bVERSION_ID=' | cut -d '=' -f2 | cut -d\" -f2) -v IP_address=$(hostname -I | cut -d\  -f1) -v PAGE_SIZE=$(getconf PAGE_SIZE)"
     fi
 	# shellcheck disable=SC2016
 	PARSE_0='NR==1 {loadAvg1mi=0+$(NF-2)} NR==2 {processes=$1} NR==3 {threads=$1}'
 	# shellcheck disable=SC2016
 	PARSE_1='/total memory$/ {memTotalMB=$1/1024} /free memory$/ {memFreeMB+=$1/1024} /buffer memory$/ {memFreeMB+=$1/1024} /swap cache$/ {memFreeMB+=$1/1024}'
 	# shellcheck disable=SC2016
-	PARSE_2='/(K|pages) paged out$/ {pgPageOut=$1} /used swap$/ {swapUsed=$1} /free swap$/ {swapFree=$1} /pages swapped out$/ {pgSwapOut=$1}'
+	PARSE_2='/pages paged out$/ {pgPageOut=$1} /K paged out$/ {pgPageOut=int($1*1024/PAGE_SIZE)} /used swap$/ {swapUsed=$1} /free swap$/ {swapFree=$1} /pages swapped out$/ {pgSwapOut=$1}'
 	# shellcheck disable=SC2016
 	PARSE_3='/interrupts$/ {interrupts=$1} /CPU context switches$/ {cSwitches=$1} /forks$/ {forks=$1}'
 	# shellcheck disable=SC2016
@@ -74,9 +74,9 @@ elif [ "$KERNEL" = "SunOS" ] ; then
 	# Sample output: http://opensolarisforum.org/man/man1/sar.html
 	if [ "$SOLARIS_10" = "true" ] || [ "$SOLARIS_11" = "true" ] ; then
         # shellcheck disable=SC2016
-		PARSE_6='($1 ~ "atch*") {nr[NR+3]} NR in nr {pgPageIn_PS=$3;}'
+        PARSE_6='($1 ~ "atch*") {nr[NR+10]} NR in nr {pgPageIn_PS=$4;}'
         # shellcheck disable=SC2016
-		PARSE_7='($3 ~ "ppgout*") {nr2[NR+3]} NR in nr2 {pgPageOut_PS=$3}'
+        PARSE_7='($3 ~ "ppgout*") {nr2[NR+10]} NR in nr2 {pgPageOut_PS=$3}'
 	else
 		# shellcheck disable=SC2016
 		PARSE_6='($3 ~ "atch*") {nr[NR+3]} NR in nr {pgPageIn_PS=$5}'

default/app.conf

@@ -7,7 +7,7 @@
 [install]
 is_configured = false
 state = enabled
-build = 1738793362
+build = 1748985697
 
 [ui]
 setup_view = ta_nix_configuration
@@ -17,7 +17,7 @@ docs_section_override = AddOns:released
 
 [launcher]
 author = Michael Erdely
-version = 10.0.0.1
+version = 10.1.0.0
 description = Technical Add-on for Unix and Linux
 
 #[package]
@@ -26,5 +26,5 @@ description = Technical Add-on for Unix and Linux
 
 [id]
 name = TA-unix
-version = 10.0.0.1
+version = 10.1.0.0
 

default/props.conf

@@ -97,7 +97,7 @@ LINE_BREAKER = ([\r\n]+)
 KV_MODE = json
 NO_BINARY_CHECK = true
 TRUNCATE=1000000
-TRANSFORMS-docker-metric-dimensions=eval_dimensions
+TRANSFORMS-docker-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_docker
 
 [vmstat_metric]
@@ -108,7 +108,7 @@ DATETIME_CONFIG = CURRENT
 KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
-TRANSFORMS-vmstat-metric-dimensions=eval_dimensions
+TRANSFORMS-vmstat-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_vmstat
 
 [cpu_metric]
@@ -121,7 +121,7 @@ TRUNCATE=1000000
 KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
-TRANSFORMS-cpu-metric-dimensions=eval_dimensions
+TRANSFORMS-cpu-metric-dimensions=splunk_ta_nix_eval_dimensions
 TRANSFORMS-cpu-metric-field=extract_cpu_metric_field
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_cpu
 
@@ -133,7 +133,7 @@ DATETIME_CONFIG = CURRENT
 KV_MODE = none
 INDEXED_EXTRACTIONS = TSV
 TRANSFORMS-df-metrics=extract_df_metrics
-TRANSFORMS-df-metric-dimensions=eval_dimensions
+TRANSFORMS-df-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_df
 
 [interfaces_metric]
@@ -145,7 +145,7 @@ KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
 EVAL-Duplex=case(Duplex==2,"Full", Duplex==1,"Half", Duplex==0, "Unknown", true(), Duplex)
-TRANSFORMS-interfaces-metric-dimensions=eval_dimensions
+TRANSFORMS-interfaces-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_interfaces
 
 [iostat_metric]
@@ -157,7 +157,7 @@ KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
 TRANSFORMS-iostat-metrics-field=extract_iostat_metrics_field
-TRANSFORMS-iostat-metric-dimensions=eval_dimensions
+TRANSFORMS-iostat-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_iostat
 
 [ps_metric]
@@ -168,7 +168,7 @@ DATETIME_CONFIG = CURRENT
 KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
-TRANSFORMS-ps-metric-dimensions=eval_dimensions
+TRANSFORMS-ps-metric-dimensions=splunk_ta_nix_eval_dimensions
 TRANSFORMS-ps-metric-field=extract_ps_metric_field
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_ps
 
@@ -221,9 +221,11 @@ TRUNCATE=1000000
 DATETIME_CONFIG = CURRENT
 KV_MODE = multi
 FIELDALIAS-dest_for_df = host as dest
-FIELDALIAS-filesystem_for_df = Filesystem AS filesystem
 FIELDALIAS-filesystem_type_for_df = Type as filesystem_type
-FIELDALIAS-mount_for_df = MountedOn AS mount
+EVAL-Filesystem = replace(Filesystem, " ", " ")
+EVAL-filesystem = replace(Filesystem, " ", " ")
+EVAL-MountedOn = replace(MountedOn, " ", " ")
+EVAL-mount = replace(MountedOn, " ", " ")
 EVAL-Type = coalesce('Type',"?")
 EVAL-filesystem_type = coalesce('Type',"?")
 EVAL-Size = coalesce('Size','1024_blocks')

default/transforms.conf

@@ -179,7 +179,7 @@ REGEX=[[dhcp_prefix_src]]reuse_lease:\s+lease\s+age.*under.*threshold,\s+reply\s
 
 ###### Scripted Metric Inputs ######
 
-[eval_dimensions]
+[splunk_ta_nix_eval_dimensions]
 # Support for omitting the IPv6 Address field when the script output doesn't include an IPv6 Address
 INGEST_EVAL = metric_name=sourcetype, entity_type="TA_Nix", OS_name=replace(OSName, "_", " "), IPv6_address = if(IPv6_Address=="?", null(), IPv6_Address)
 

docs/ReleaseNotes.md

@@ -1,5 +1,13 @@
 # Technical Add-on for Unix and Linux
 
+## Version 10.0.0.2 (
+
+Minor fixes
+
+Changes:
+
+* Make RPI CPU_TYPE not have trailing comma
+
 ## Version 10.0.0.1 (2025-02-19)
 
 Fix report CPU_TYPE in hardware.sh for RPIs