ZenPack:Splunk Search Component

From Zenoss Wiki
This is the approved revision of this page, as well as being the most recent.
Jump to: navigation, search
Author(s)
Joseph Anderson
Current Maintainer(s)
Joseph Anderson
License
GNU General Public License, Version 2, or later
ZenPack name
ZenPacks.community.zenSplunkSearch
More Information
GitHub page/HomePage
Git sources (for cloning)
Link




Splunk Search Component ZenPack

Perform Splunk searches within Zenoss

Warning

The ZenPack Catalog has moved to its new home at https://www.zenoss.com/product/zenpacks as of January 17, 2017. The following information may be out of date, and this page will eventually be removed.

Support

This ZenPack is developed by the Zenoss user community and supported via our online forums. Zenoss, Inc. does not provide direct support for this ZenPack.

Releases

Version 2.0- Download
Summary of changes: Zenoss 4.x support, migrated to ConstructionKit
Released on 2013/03/20
Requires ConstructionKit ZenPack
Compatible with Zenoss Core 3.2.x, Zenoss Core 4.2.x
Version 2.1- Download
Summary of changes: updated to support ConstructionKit 2.0
Released on 2013/11/05
Requires ConstructionKit ZenPack
Compatible with Zenoss Core 4.2.x

Background

This ZenPack provides a "Splunk Search" component and allows for the execution of Splunk Searches within Zenoss.

Each "Splunk Search" component has a "query" property that contains the query string.

Connection parameters are defined in zProperties, but can be overriden on a per component basis

The component data is passed to a "check_splunk.py" script that was copied/modified from an earlier community ZenPack that no longer seems to be available.

Installation

Normal Installation (packaged egg)

  1. Download the appropriate egg file for the version of Zenoss you are running.
  2. Ensure you are logged in as the zenoss user: 
    $ sudo su - zenoss
  3. Install the ZenPack: 
    $ zenpack --install ZenPacks.community.zenSplunkSearch-*.egg
  4. Restart these services: 
    $ zenoss restart

Developer Mode Installation

In order to do a development mode installation you will want to clone the existing git repository, and then use the --link flag with the zenpack command:

  1. Ensure you are logged in as the zenoss user: 
    $ sudo su - zenoss
  2. Start by cloning the upstream repository: 
    $ git clone git://github.com/j053ph4/ZenPacks.community.zenSplunkSearch.git
  3. Next, perform the installation: 
    $ zenpack --link --install ZenPacks.community.zenSplunkSearch
  4. Finally, restart these serivices: 
    $ zenoss restart

Discuss

Purplemarker.png New: Don't forget to add yourself to the Zenoss User Map!

blog comments powered by Disqus



Retrieved from "http://wiki.zenoss.org/index.php?title=ZenPack:Splunk_Search_Component&oldid=4668"