You are here
Jiger - Fri, 2013/10/18 - 07:03
Hi,
I have a TKL file server 12 installed in my environment for taking the backups.
We now are looking for integrating this TKL file server with the SPLUNK system. Has anybody done this before?
I believe this is just forwarding the SNMP traps of the TKL file server to the Splunk server. Can anybody please advise the steps that needs to be followed for this.
Thanks,
Jiger
Forum:
It's been a while but... I
It's been a while but... I have done this before by installing the Splunk "App for Unix and Linux" and the placing the forwarders on the turnkey appliances.
You can find more information on the Splunk website.
Need a solution without installing forwarder on the TKL
Hi Eric,
Thanks for your reply.
Do we have a solution where the forwarder isn't required to be installed on the Turnkey Fileserver?
Can't this be achieved by simply mentioning the SNMP community string & the SNMP trap host details on the TKL Fileserver?
Cheers
JN
I think you can enable the
I think you can enable the snap agent agent and get a lightweight integration. You won't get logs files of other information though.
TKL is just Debian Linux, so anything monitoring without the forwarder that works for Debian will work for TKL.
if you get it working, please post back with what you did. I'm sure it'll help others
Sure, I will post the details if successful
Sure mate,
I am first downloading the snmp package(s) and the relevant dependencies. Will install it, then try to search out for the configuration steps for it and lastly check if it works.
Note: I found today that the MIBs for Debian aren't freely available so that's kinda hindering the steps.
Will post the results if successful.
In the meanwhile, would be great if somebody can help me with the snmp configurations.
JN
You should be able to...
Have you seen this: https://wiki.debian.org/SNMP
the mibs are in the non-free repo, so you'd have to make sure you're meeting any license restrictions
some final steps required to get the resolution
Hi mate,
Thanks for the details.
I have downloaded and installed the Snmp stuff on my Tkl fileserver 12.0.
After this i am also able to see a lot of required output when i run the snmwalk command for the localhost:
Command:
$snmpwalk -v 2c -c public localhost
JN
You probably need to edit
You probably need to edit the /etc/default/snmpd file.
I believe that , by default, snmptrapd does not start automatically. I just did a quick search and it seems that you might need to edit /etc/default/snmpd and change the line that reads "TRAPDRUN=NO" to "TRAPDRUN=yes"
http://www.cyberciti.biz/faq/debain-ubuntu-install-net-snmpd-server/
I've not tried this, but the act of editing /etc/default/<something> to enable daemons at startup is pretty common so suspect it's on the right track
Now the Splunk is able to poll the Tkl file server
JN
System event thresholds to be defined
Hi,
Now that Tkl file server is integrated with the Splunk server; I need to define the system event thresholds on the Tkl file server which can be polled / pushed by the splunk server.
For example something like this:
1) If system temperature increases more than 60 degrees then
--> SYS_TEMPERATURE_THRESHOLD=60
2) If the disk space usage reaches 80% then
--> DISK_SPACE_USAGE_THRESHOLD=80
3) If the memory usage reaches the point of 90% then
--> MEMORY_USAGE_THRESHOLD=90
Can anybody please inform me as to where can i configure these values into?
JN
Add new comment