Archived community.zenoss.org | full text search
Skip navigation
Currently Being Moderated

Splunk Alerting in Zenoss

VERSION 7  Click to view document history
Created on: Nov 10, 2010 1:37 AM by Nick Yeates - Last Modified:  Aug 17, 2011 3:27 AM by Nick Yeates

Submitted by: Allen Sanabria


Description:

This ZenPack allows Splunk alerts to be sent to Zenoss as alerts; escalation can then be handled with Zenoss alerts. For a step by step walk-through and screencaps, see http://www.linuxdynasty.org/howto-send-splunk-alerts-to-zenoss-and-make-them-look-like-splunk.html

 

The ZenPack has the following Device Class(es)

  • Performance Template Splunk Example

    /zport/dmd/Devices/rrdTemplates/Splunk Example       Example usage of a Splunk data source.

    DataSource Datapoint Description
    failedPasswords
    Number of failed passwords during the last 5 minutes.

    countNumber of failed passwords during the last 5 minutes.

    Graph Splunk - Failed Passwords

     

    Name Type Description
    countDataPointGraphPoint
    too many failuresThresholdGraphPoint

Screenshots:

severeTest1_splunk.png

Dependencies

Event Class Information

The Path column in the table is starting from the /Events class.         The Code? column indicates if the Event Class contains a  transform or not.

Path Name Type Code? Description
/App/SplunkSplunkEvent ClassnoDestination event class for events related to the Splunk  application.

 

 


Installation Requirements:

  • Zenoss Versions Supported:1.1.1
  • External Dependencies:
  • ZenPack Dependencies:
  • Installation Notes:zenoss restart after installing this ZenPack.
  • Configuration:

History:

Change History:

  • 1.1.1 initial release

Tested:

Source: https://github.com/zenoss/Community-Zenpacks/tree/master/ZenPacks.community.Splunk/


Known issues:

Attachments:
Note: binary attachments ending in .zip will need to be unzipped before use.
Comments (0)