It's Very Powerful

Welcome to verypowerful.info 

 

This site is dedicated to providing very powerful information about linux, unix, devops, big data, virtualization, and monitoring with a focus on 
SplunkNagios, and Puppet.

My Daughter, Riviera in her Splunk outfit :)

   Check out some of my open source add-ons:
  • Feel free to contact me with any questions or queries, I am also open to collaboration on these and other cool & interesting open source projects. 

Luke.




Developing Splunk Apps

posted Oct 4, 2013, 12:40 AM by Luke Harris

I had a great time at Splunk conf2013 and cannot wait to get stuck into the new features in Splunk 6 aka Episode VI: Return of the Jedi :)

It was great to see so many Sideview Utils and Splunk for Nagios users at my talk, thanks to everyone who came down!

Download the slide deck from my session on "Developing Splunk Apps". 

Luke.

Splunk 6 & Splunk for Nagios 3 are GA!

posted Oct 1, 2013, 12:58 PM by Luke Harris

Get the good stuff now!
Splunk for Nagios 3: http://apps.splunk.com/app/352/

Feedback welcome :)

Luke.

It is still very powerful!

posted Sep 25, 2013, 6:44 AM by Luke Harris

It's all happening :) 

Nagios version 4 was released last week, Splunk version 6 is out next month, and Splunk for Nagios version 3 is currently in private beta. 

I am also preparing to present at the 4th Annual Splunk Worldwide Users' Conference in Las Vegas next week! 



I will explain how I use Virtualization, Puppet, git and Sideview Utils to build very powerful dashboards at a large telco for disparate business units to achieve valuable business insights. I will also demo the latest version of Splunk for Nagios. 


Hope to see you there!

Luke.

Splunk for Nagios now hosted at GitHub !!!

posted Oct 30, 2012, 10:17 PM by Luke Harris

Splunk 5 got released overnight, so now it is time to get stuck in and work on Splunk for Nagios again!

I am currently collaborating on some very exciting features for version 3 of Splunk for Nagios under the dela-3.0.0-rc branch... 

Feel free to submit a pull request :)


L.

Splunk Puppet Module

posted Mar 15, 2012, 7:55 PM by Luke Harris   [ updated Jan 7, 2013, 3:51 PM ]

I have been working on puppetizing our Splunk servers, here is my Splunk puppet manifest that works with Splunk version 4.x. and 5.x :)

I have used three classes;
one class for universal forwarders "splunk::uf"
one class for heavy forwarders "splunk::hf"
one class for servers "splunk::server"

Update Aug 24th 2012:
  • Added class for heavy forwarders "splunk::hf"
Update May 18th 2012:
  • Fixed bug for license clients
Update May 15th 2012:
  • Added support for distributed search, license clients, and auto-loadbalanced universal forwarders.

Disclaimer
  • This init.pp has been created for the specifics of our Puppet environment (Puppet v2.7.1) and it may or may not suit your specific purposes.

Example node definitions:

#Universal Forwarder
node splunk-uf {
    $splunk_admin_password = 'passsword'
    $splunk_disabled = 'false'
    $splunk_indexer = [ 'splunk-hf1.internal.awesome.com', 'splunk-hf2.internal.awesome.com' ]
    $splunk_uf_port = '9997'
    $splunk_compressed = 'false'
    include soe
    include splunk::uf
}

#Heavy Forwarder
node splunk-hf1 {
    $splunk_admin_password = 'passsword'
    $splunk_disabled = 'false'
    $splunk_indexer = [ 'indexer1.internal.awesome.com', 'indexer2.internal.awesome.com' ]
    $splunk_minimum_diskusage = '200'
    $splunk_uf_port = '9997'
    $splunk_compressed = 'false'
    include soe
    include splunk::hf
}

#Heavy Forwarder
node splunk-hf2 {
    $splunk_admin_password = 'passsword'
    $splunk_disabled = 'false'
    $splunk_indexer = [ 'indexer1.internal.awesome.com', 'indexer2.internal.awesome.com' ]
    $splunk_minimum_diskusage = '200'
    $splunk_uf_port = '9997'
    $splunk_compressed = 'false'
    include soe
    include splunk::hf
}

#Search Head
node search-head {
    $splunk_admin_password = 'passsword'
    $splunk_search_head = 'true'
    $splunk_indexer = [ 'indexer1.internal.awesome.com', 'indexer2.internal.awesome.com' ]
    $splunk_license_client = 'true'
    $splunk_license_server = 'indexer2.internal.awesome.com'
    $splunk_license = 'web_1333423808.55.lic'
    $splunk_session_timeout = '12h'
    $splunk_admin_port = '8089'
    $splunk_uf_port = '9997'
    $splunk_compressed = 'false'
    include soe
    include splunk::server
}

#Indexer
node indexer1 {
    $splunk_admin_password = 'passsword'
    $splunk_license_client = 'true'
    $splunk_license_server = 'indexer2.internal.awesome.com'
    $splunk_license = 'web_1333423808.55.lic'
    $splunk_session_timeout = '12h'
    $splunk_admin_port = '8089'
    $splunk_uf_port = '9997'
    $splunk_compressed = 'false'
    include soe
    include splunk::server
}

#Indexer and License Server
node indexer2 {
    $splunk_admin_password = 'passsword'
    $splunk_license_server = 'indexer2.internal.awesome.com'
    $splunk_license = 'web_1333423808.55.lic'
    $splunk_session_timeout = '12h'
    $splunk_admin_port = '8089'
    $splunk_uf_port = '9997'
    $splunk_compressed = 'false'
    include soe
    include splunk::server
}



Splunk Puppet Module manifest:

#Splunk puppet ninja code

class splunk {
  
  # Universal Forwarder
  class uf {
      package { splunkforwarder:
      ensure => "4.3.2-123586",
    }

    service { splunk:
      ensure  => "running",
      enable  => "true",
      require    => [ File[ 
                            "/etc/init.d/splunk",
                            "/opt/splunkforwarder/etc/auth/cacert.pem", 
                            "/opt/splunkforwarder/etc/apps/SplunkUniversalForwarder"
                          ], 
                      Package["splunkforwarder"],
                    ],
      
    }
    
    file { "/opt/splunkforwarder/etc/apps/SplunkUniversalForwarder": 
      ensure => present,
      mode => 755,
      owner => splunk,
      group => splunk,
      recurse => true,
      purge => false,
      source => [
        "puppet:///modules/splunk/etc/apps/SplunkUniversalForwarder",
      ],
      require => Package['splunkforwarder'],
    }

    file { "/opt/splunkforwarder/etc/auth/forwarder.pem":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/auth/forwarder.pem",
      ],
      require => Package['splunkforwarder'],
    }
    
    file { "/opt/splunkforwarder/etc/auth/cacert.pem":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/auth/cacert.pem",
      ],
      require => Package['splunkforwarder'],
    }

    define add-forwarder() {
      exec { "exec-forwarder-$name":
        path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
        command => "/opt/splunkforwarder/bin/splunk add forward-server ${name}:$splunk_uf_port -method autobalance -auth admin:$splunk_admin_password",
        unless  => "grep -qs ${name} /opt/splunkforwarder/etc/system/local/outputs.conf",
        require => Service['splunk'],
      }
    }

    add-forwarder{$splunk_indexer: }

    file { "/opt/splunkforwarder/etc/system/local/inputs.conf":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/system/local/uf-inputs.conf",
      ],
      require => Package['splunkforwarder'],
    }

    # Users local to the Splunk install (e.g., admin)
    file { "/opt/splunkforwarder/etc/passwd":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/passwd",
      ],
      require => Package['splunkforwarder'],
      notify  => Service['splunk'],
    }

    # Init script (Based on `/opt/splunk/bin/splunk enable boot-start`)
    file { "/etc/init.d/splunk":
      ensure => present,
      mode => 755,
      owner => root,
      group => root,
      source => [
        "puppet:///modules/splunk/etc/uf-init-script",
      ],
    }

  } # end splunk::uf
  
  
  # Splunk Server
  class server {
    package { splunk:
      ensure => "4.3.2-123586",
    }
    
    # Init script (Based on `/opt/splunk/bin/splunk enable boot-start`)
    file { "/etc/init.d/splunk":
      ensure => present,
      mode => 755,
      owner => root,
      group => root,
      source => [
        "puppet:///modules/splunk/etc/server-init-script",
      ],
      require => Exec['enable-splunk'],
    }

    service { splunk:
      ensure     => running,
      enable     => true,
      hasrestart => true,
      hasstatus  => true,
      require    => Exec['start-splunk'],
    }
    
    file { "/opt/splunk/etc/licenses":
      mode => 755,
      owner => splunk,
      group => splunk,
      ensure => directory,
      require => Package['splunk'],
    }
    
    file { "/opt/splunk/etc/licenses/enterprise":
      mode => 755,
      owner => splunk,
      group => splunk,
      ensure => directory,
      require => Package['splunk'],
    }
    
    file { "/opt/splunk/etc/licenses/enterprise/$splunk_license":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/licenses/enterprise/$splunk_license",
      ],
      before => Service['splunk'],
    }
    
    file { "/opt/splunk/etc/system/local/inputs.conf":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      content => template("splunk/local/inputs.conf-server.erb"),
      require => Package['splunk'],
    }

    # Users local to the Splunk install (e.g., admin)
    file { "/opt/splunk/etc/passwd":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/passwd",
      ],
      require => Package['splunk'],
      notify  => Service['splunk'],
    }

    file { "/opt/splunk/etc/auth":
      mode => 700,
      owner => splunk,
      group => splunk,
      ensure => directory,
      require => Package['splunk'],
    }
    
    file { "/opt/splunk/etc/auth/cacert.pem":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/auth/cacert.pem",
      ],
      require => Package['splunk'],
    }

    file { "/opt/splunk/etc/auth/server.pem":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/auth/server.pem",
      ],
      require => Package['splunk'],
    }

    file { "/opt/splunk/etc/system/local/web.conf":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/system/local/server-web.conf",
      ],
      require => Package['splunk'],
    }

    exec { "add-session-timeout":
    path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
    command => "sed -i '/^serverName/a sessionTimeout = ${splunk_session_timeout}' /opt/splunk/etc/system/local/server.conf",
    unless => "grep '^sessionTimeout' /opt/splunk/etc/system/local/server.conf",
    require => Exec['enable-splunk'],
    }

    exec { "set-session-timeout":
    path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
    command => "sed -i '/^sessionTimeout/s/ = .*/ = ${splunk_session_timeout}/' /opt/splunk/etc/system/local/server.conf",
    unless => "grep '^sessionTimeout' /opt/splunk/etc/system/local/server.conf|grep $splunk_session_timeout",
    require => Exec['add-session-timeout'],
    notify => Service['splunk'],
    }

    if $splunk_license_client == 'true' {
      exec { "add-splunk-license-master-header":
      path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
      command => "sed -i '$ a\\[license]' /opt/splunk/etc/system/local/server.conf",  
      unless  => "grep '^\[license]' /opt/splunk/etc/system/local/server.conf",
      require => Exec['enable-splunk'],
      notify => Service['splunk'],
      }

      exec { "change-splunk-license-master":
      path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
      command => "sed -i '/^master_uri/s/ = .*/ = https:\/\/$splunk_license_server:$splunk_admin_port/' /opt/splunk/etc/system/local/server.conf", 
      onlyif  => "grep '^master_uri' /opt/splunk/etc/system/local/server.conf|grep -v http",
      require => Exec['add-splunk-license-master-header'],
      notify => Service['splunk'],
      }

      exec { "change-existing-splunk-license-master":
      path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
      command => "sed -i '/^master_uri/s/ = .*/ = https:\/\/$splunk_license_server:$splunk_admin_port/' /opt/splunk/etc/system/local/server.conf", 
      unless  => "grep '^master_uri' /opt/splunk/etc/system/local/server.conf|grep http|grep ${splunk_license_server}",
      require => Exec['change-splunk-license-master'],
      notify => Service['splunk'],
      }

      exec { "add-splunk-license-master":
      path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
      command => "sed -i '/^\[license]/a master_uri = https://${splunk_license_server}:${splunk_admin_port}' /opt/splunk/etc/system/local/server.conf", 
      unless  => "grep '^master_uri' /opt/splunk/etc/system/local/server.conf|grep ${splunk_license_server}",
      require => Exec['change-existing-splunk-license-master'],
      notify => Service['splunk'],
      }
    }

    define add-distributedsearch() {
      exec { "exec-distributedsearch-$name":
        path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
        command => "/opt/splunk/bin/splunk add search-server -host ${name}:$splunk_admin_port -auth admin:$splunk_admin_password -remoteUsername admin -remotePassword $splunk_admin_password",
        unless  => "grep -qs ${name} /opt/splunk/etc/system/local/distsearch.conf",
        require => Service['splunk'],
      }
    }

    if $splunk_search_head == 'true' {
    add-distributedsearch{$splunk_indexer: }
    }

    # Enable splunk on boot and accept the EULA
    exec { "enable-splunk":
    command => "/opt/splunk/bin/splunk enable boot-start --no-prompt --answer-yes --accept-license",
    unless => "/usr/sbin/update-rc.d -n splunk defaults|grep 'already exist'",
    require => Package['splunk'],
    }

    # Start splunk for the first time
    exec { "start-splunk":
    command => "/opt/splunk/bin/splunk start --no-prompt --answer-yes --accept-license",
    unless => "/usr/bin/pgrep -f 'python.*splunk'",
    require => Exec['enable-splunk'],
    }

  } # end splunk::server

  # Heavy Forwarder
  class hf {
    motd::register {$name:}

    package { splunk:
      ensure => "4.3.3-128297",
    }
    
    service { splunk:
        ensure     => running,
        enable     => true,
        hasrestart => true,
        hasstatus  => true,
        require    => Exec['start-splunk'],
    }

    # Init script (Based on `/opt/splunk/bin/splunk enable boot-start`)
    file { "/etc/init.d/splunk":
      ensure => present,
      mode => 755,
      owner => root,
      group => root,
      source => [
        "puppet:///modules/splunk/etc/server-init-script",
      ],
      require => Exec['enable-splunk'],
    }

    file { "/opt/splunk/etc/auth":
      mode => 700,
      owner => splunk,
      group => splunk,
      ensure => directory,
      require => Package['splunk'],
    }
    
    file { "/opt/splunk/etc/auth/cacert.pem":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/auth/cacert.pem",
      ],
      require => Package['splunk'],
    }

    file { "/opt/splunk/etc/auth/server.pem":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/auth/server.pem",
      ],
      require => Package['splunk'],
    }

    define add-forwarder() {
      exec { "exec-forwarder-$name":
        path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
        command => "/opt/splunk/bin/splunk add forward-server ${name}:$splunk_uf_port -method autobalance -auth admin:$splunk_admin_password",
        unless  => "grep -qs ${name} /opt/splunk/etc/system/local/outputs.conf",
        require => Service['splunk'],
      }
    }

    add-forwarder{$splunk_indexer: }

    # Users local to the Splunk install (e.g., admin)
    file { "/opt/splunk/etc/passwd":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      source => [
        "puppet:///modules/splunk/etc/passwd",
      ],
      require => Package['splunk'],
      notify  => Service['splunk'],
    }

    file { "/opt/splunk/etc/system/local/inputs.conf":
      ensure => present,
      mode => 600,
      owner => splunk,
      group => splunk,
      content => template("splunk/local/inputs.conf-server.erb"),
      require => Package['splunk'],
    }

    exec { "add-minimum-diskusage":
    path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
    command => "sed -i '$ a\\[diskUsage]' /opt/splunk/etc/system/local/server.conf",  
    unless  => "grep '^\[diskUsage]' /opt/splunk/etc/system/local/server.conf",
    require => Exec['enable-splunk'],
    }

    exec { "set-minimum-diskusage":
    path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
    command => "sed -i '/^\[diskUsage]/a minFreeSpace = $splunk_minimum_diskusage' /opt/splunk/etc/system/local/server.conf", 
    unless  => "grep '^minFreeSpace' /opt/splunk/etc/system/local/server.conf",
    require => Exec['add-minimum-diskusage'],
    }

    exec { "change-minimum-diskusage":
    path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
    command => "sed -i '/^minFreeSpace/s/ = .*/ = $splunk_minimum_diskusage/' /opt/splunk/etc/system/local/server.conf", 
    unless  => "grep '^minFreeSpace = $splunk_minimum_diskusage' /opt/splunk/etc/system/local/server.conf",
    require => Exec['set-minimum-diskusage'],
    }

    exec { "add-forwarder-license":
    path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
    command => "sed -i '$ a\\[license]' /opt/splunk/etc/system/local/server.conf",  
    unless  => "grep '^\[license]' /opt/splunk/etc/system/local/server.conf",
    require => Exec['enable-splunk'],
    }

    exec { "set-forwarder-license":
    path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
    command => "sed -i '/^\[license]/a active_group = Forwarder' /opt/splunk/etc/system/local/server.conf", 
    unless  => "grep '^active_group' /opt/splunk/etc/system/local/server.conf",
    require => Exec['add-forwarder-license'],
    }

    exec { "change-forwarder-license":
    path    => "/sbin:/bin/:/usr/bin:/usr/sbin:/usr/local/bin/",
    command => "sed -i '/^active_group/s/ = .*/ = Forwarder/' /opt/splunk/etc/system/local/server.conf", 
    unless  => "grep '^active_group = Forwarder' /opt/splunk/etc/system/local/server.conf",
    require => Exec['set-forwarder-license'],
    }

    # Enable splunk on boot and accept the EULA
    exec { "enable-splunk":
    command => "/opt/splunk/bin/splunk enable boot-start --no-prompt --answer-yes --accept-license",
    unless => "/usr/sbin/update-rc.d -n splunk defaults|grep 'already exist'",
    require => Package['splunk'],
    }

    # Start splunk for the first time
    exec { "start-splunk":
    command => "/opt/splunk/bin/splunk start --no-prompt --answer-yes --accept-license",
    unless => "/usr/bin/pgrep -f 'python.*splunk'",
    require => Exec['enable-splunk'],
    }

  } # end splunk::hf
}

Example template for inputs.conf-server.erb:

[default]
host = <%= fqdn %>

[splunktcp-ssl:<%= splunk_uf_port %>]
compressed = <%= splunk_compressed %>

[SSL]
password = $1$FSzWKhgh7XGLz+fasw==
requireClientCert = true
rootCA = $SPLUNK_HOME/etc/auth/cacert.pem
serverCert = $SPLUNK_HOME/etc/auth/server.pem

Splunk for Postfix - Version 1.1.1 released

posted Mar 15, 2012, 6:36 PM by Luke Harris   [ updated Oct 2, 2013, 10:25 PM ]

I have released another Splunk app :)

  • Splunk for Postfix includes dashboards with charts of Message Size, Messages by Status, Real-Time Message Count, Messages by Host, Top Clients, Top Relays, Top Senders, Top Recipients, Max Connection Count, Max Connection Rate, Max Cache Size, Max Simultaneous Connections, Address Lookups, and Domain Lookups
  • Summary-index-populating searches are scheduled hourly to efficiently report on large volumes of data
  • Quickly and easily view top delivery reasons, errors by host, and common error codes
  • Form Searches including Splunk Transactions by Queue ID
  • Over 20 field extractions, compliant with the Common Information Model
  • All dashboards use the JSChart module to render graphics. JSChart uses JavaScript to build the graphics for a chart. This provides charting support on platforms such as iOS mobile devices that cannot display Flash-based graphics. The JSChart module also provides better printing quality.
  • Any feedback, including requests for enhancement are most welcome. 
Contact:


Screenshots (Click to Zoom)








Splunk for Isilon - Version 1.0 released

posted Oct 26, 2011, 5:25 AM by Luke Harris   [ updated Oct 26, 2011, 7:10 AM ]

Splunk for Isilon integrates the EMC Scale-out NAS Platform "Isilon" with Splunk

  • I have released a new brand new splunk app called Splunk for Isilon, featuring 2 very powerful dashboards:
    • Cluster Performance Dashboard with Graphs of CPU Usage, Network Usage, Disk Usage, and Protocol Usage
    • Nagios Integrated Dashboard with Graphs of Storage Usage, Quota Usage, and Connections by Protocol (Requires Splunk for Nagios)

Splunk for Isilon is Very Powerful

  • Download Splunk for FREE from splunk.com then install Splunk for Isilon to graph critical capacity and performance metrics for your Isilon Cluster.
  • Now you can monitor, manage and troubleshoot your EMC Isilon NAS from one single pane of glass with Splunk for Isilon.
  • Splunk for Isilon can help you retire your manually managed spreadsheets and it has a huge advantage over rrd based graphing solutions, and that is you can graph performance and capacity metrics with full fidelity, ie. no more 'averaged out' rrd based graphs.
  • Note: the free version of Splunk is fully featured! You get all of the Enterprise features of Splunk for 60 days and you can index up to 500 megabytes of data per day. At anytime you can convert to a perpetual Free License or purchase an Enterprise License to continue using the expanded enterprise functionality, namely: multiple user accounts, distributed architecture and deployment for greater scaling, summary indexing for faster reporting, and scheduled searches and alerts.
  • This is version 1.0 of Splunk for Isilon so any feedback, including requests for enhancement are most welcome. Email: luke@verypowerful.info
  • This app has been created for the specifics of our Isilon environment (EMC Isilon with OneFS V6.0.2.47) and it may or may not suit your specific purposes.
  • Copyright (c) 2011 Luke Harris. All Rights Reserved.

Screenshots

   Luke.

Splunk for Symmetrix - Version 1.0 released

posted Oct 26, 2011, 5:16 AM by Luke Harris   [ updated Oct 26, 2011, 8:47 PM ]

Splunk for Symmetrix integrates the EMC Enterprise Storage Array "Symmetrix VMAX" with Splunk

  • I have released a new brand new splunk app called Splunk for Symmetrix, featuring 3 very powerful dashboards:
    • VMAX Storage Dashboard with Graphs of FAST VP Pool Usage, Savvol Usage, and TDEV Capacity
        • VMAX IOPS Dashboard with Graphs of IOPS by Storage Group
          • Nagios Integrated Dashboard with Graphs of IOPS, MB per second, and Write Pending (Requires Splunk for Nagios)

        Splunk for Symmetrix is Very Powerful

        • Download Splunk for FREE from splunk.com then install Splunk for Symmetrix to graph critical capacity and performance metrics for your EMC enterprise storage arrays.
        • Now you can monitor, manage and troubleshoot your EMC Symmetrix VMAX Storage Arrays from one single pane of glass with Splunk for Symmetrix.
        • Splunk for Symmetrix can help you retire your manually managed spreadsheets and it has a huge advantage over rrd based graphing solutions, and that is you can graph performance and capacity metrics with full fidelity, ie. no more 'averaged out' rrd based graphs.
        • Note: the free version of Splunk is fully featured! You get all of the Enterprise features of Splunk for 60 days and you can index up to 500 megabytes of data per day. At anytime you can convert to a perpetual Free License or purchase an Enterprise License to continue using the expanded enterprise functionality, namely: multiple user accounts, distributed architecture and deployment for greater scaling, summary indexing for faster reporting, and scheduled searches and alerts.
        • This is version 1.0 of Splunk for Symmetrix so any feedback, including requests for enhancement are most welcome. Email: luke@verypowerful.info
        • This app has been created for the specifics of our Symmetrix environment (EMC VMAX running at least Enginuity 5875 with Solutions Enabler V7.3.0.1) and it may or may not suit your specific purposes.
        • Copyright (c) 2011 Luke Harris. All Rights Reserved.

        Screenshots

           Luke.

        Splunk for Nagios - Version 2.0.1 released

        posted Sep 22, 2011, 6:09 AM by Luke Harris

        Splunk for Nagios - featuring the new 'check_splunk_license' nagios plugin & dashboard for Splunk License Usage

        • I have released a new version of Splunk for Nagios, featuring the new 'check_splunk_license' nagios plugin & dashboard for Splunk License Usage
        • A bug was also fixed in the Livestatus Alerts Dashboard

        Screenshots

        Download

           Luke.

        Splunk for Nagios - Version 2.0 released

        posted Sep 19, 2011, 8:24 PM by Luke Harris

        Splunk for Nagios - featuring integration with MK Livestatus

        • I have released a new version of Splunk for Nagios, featuring all new dashboards to display performance graphs for your Servers, NAS devices, and Cisco Network devices.
        • Download Splunk for FREE from splunk.com then install Splunk for Nagios to graph metal level metrics (CPU, Memory, Swap, Load, Disk Usage, Network Interface Utilization, Processes, etc) sourced from Nagios Plugin Performance Data
          • Linux, AIX, BSD and Windows hosts supported
        • Splunk for Nagios also includes NAS specific dashboards with graphs of Storage Usage, Quota Usage, SAVVOL Usage, & Connections by Protocol
          • EMC Isilon and Celerra supported
        • 5 new dashboards have been created for Cisco Network devices with graphs of Network Interface Utilization, CPU, Memory, Temperature and Gateway Usage
        • Splunk for Nagios now features integration with MK Livestatus - with 2 new dashboards updated with live status data from Nagios
        • There are also 8 Saved Searches & Reports - including a CMDB Report and Service Alerts by Service Group
        • Now you can monitor, manage and troubleshoot all your devices from one single pane of glass with Splunk for Nagios.
        • Get out of the 1980's and replace Cacti, Munin, MRTG, Orca, etc. with Splunk for Nagios... no more rrd configuration and no more agents to install.
        • Why poll for data twice? Splunk for Nagios creates the performance graphs automatically!
        • Splunk for Nagios also has another huge advantage over rrd based graphing solutions, and that is you can graph performance and capacity metrics with full fidelity, ie. no more 'averaged out' rrd based graphs.
        • Note: the free version of Splunk is fully featured! You get all of the Enterprise features of Splunk for 60 days and you can index up to 500 megabytes of data per day. At anytime you can convert to a perpetual Free License or purchase an Enterprise License to continue using the expanded enterprise functionality, namely: multiple user accounts, distributed architecture and deployment for greater scaling, summary indexing for faster reporting, and scheduled searches and alerts.

        Release Notes:

            v2.0

          • added external lookup scripts for integration with MK Livestatus
          • added 2 dashboards updated with live status data from Nagios
          • added a CMDB Report and Service Alerts by Service Group
          • added 5 Cisco Network Dashboards with Graphs of Network Interface Utilization, CPU, Memory, Temperature and Gateway Usage sourced from Nagios Plugin Performance Data
          • added AIX Filesystem Usage Graphs
          • added BSD specific Host Dashboard

        Screenshots

        Download

           Luke.

        1-10 of 25