TA-unix

mike/TA-unix

Fork 0

RSS feed

9.2.0.5 5551b8973d
Add script for docker events/metrics and support running TA outside of Splunk Stable

mike released this 2025-01-11 23:28:44 -05:00 | 10 commits to main since this release
- Add docker.sh and docker_metric.sh for collecting docker events/metrics
- Add helper script to extra/ to run the TA commands on systems without
  a Splunk forwarder. The commands can be sent to a syslog server.
  This script is useful for systems with small or read-only filesystems that
  cannot support a Universal Forwarder.
- Add syslog_inputs_nix_ta app to extra/ for ingesting the data from syslog
Downloads
- Source code (ZIP)
  1 download
- Source code (TAR.GZ)
  2 downloads
- ta-for-unix-and-linux-9.2.0.5.tgz
  2 downloads · 141 KiB
9.2.0.4 5e766d84d5
Make distro_name work everywhere (version.sh) Stable

mike released this 2025-01-11 15:07:24 -05:00 | 11 commits to main since this release
- For MacOS, print MacOS for distro_name
- For others, print $KERNEL for distro_name
Downloads
- Source code (ZIP)
  0 downloads
- Source code (TAR.GZ)
  1 download
- ta-for-unix-and-linux-9.2.0.4.tgz
  2 downloads · 136 KiB
9.2.0.3 cb7f7785c8
Fix bug in 9.2.0.2 Stable

mike released this 2025-01-11 14:45:28 -05:00 | 12 commits to main since this release
- Add code I forgot for machine_arch for Linux
- Add Makefile to make making releases easier
Downloads
- Source code (ZIP)
  0 downloads
- Source code (TAR.GZ)
  1 download
- ta-for-unix-and-linux-9.2.0.3.tgz
  2 downloads · 135 KiB
9.2.0.2 c2893d577b
Improvements for version.sh Stable

mike released this 2025-01-11 14:02:23 -05:00 | 15 commits to main since this release
- Include kernel_release, kernel_version, and distro_name
- For Linux and MacOS, use actual OS versions/releases instead of
  kernel version/release
Downloads
- Source code (ZIP)
  0 downloads
- Source code (TAR.GZ)
  1 download
- ta-for-unix-and-linux-9.2.0.2.tgz
  2 downloads · 135 KiB
9.2.0.1 7b0b703510
Initial fork of the Splunk Add-on for Unix and Linux Stable

mike released this 2025-01-09 17:55:11 -05:00 | 16 commits to main since this release
- Use ip command to determine IP address
  ('hostname -I' does not work on all Linux systems)
- Filter out multiple listing of the same btrfs volume
- Use mktemp for temp files (for times when the TA may be run outside of Splunk)
- If running rlog.sh outside of Splunk, use $HOME to store seek file
- Debian also uses apt
- Arch Linux uses pacman
- Add use of sudo -n for 'apt update' and 'pacman -Syy'
- vmstat uses "K paged out"
- Replace the use of 'sar' with netstat and vm_stat for MacOS
Downloads
- Source code (ZIP)
  0 downloads
- Source code (TAR.GZ)
  1 download

1 2

15 releases 17 tags

Add script for docker events/metrics and support running TA outside of Splunk Stable

Make distro_name work everywhere (version.sh) Stable

Fix bug in 9.2.0.2 Stable

Improvements for version.sh Stable

Initial fork of the Splunk Add-on for Unix and Linux Stable