Skip to content
/ uf-diagnosability Public

Diagnosability tooling for Splunk, primarily targeted at Universal Forwarders and platforms without support for RapidDiag

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

splunk/uf-diagnosability

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
collect-stacks.sh
collect-stacks.sh
 
 
splunk-search-trigger.py
splunk-search-trigger.py
 
 

Repository files navigation

Splunk UF Diagnosability tooling

Diagnosability tooling targeted primarily at Splunk Universal Forwarders and Splunk Enterprise in platforms without support for RapidDiag.

collect-stacks.sh (only for Linux)

Collect stack dumps from a process using eu-stack (from the elfutils package). Also collects basic info from /proc/PID to match.

Preferably run it as root so it can also collect kernel-side stack traces, otherwise it won't be able to collect kernel traces: access to that requires root since Linux kernel version 2.6.29.

Documentation: via ./collect-stacks.sh -h

splunk-search-trigger.py

Triggers commands when a search matching a regular expression starts running (think start pstack collection on any searches running on index=whatever, or requesting the dummy field PSTACKME). See examples from the script's help for nice usage ideas.

Documentation: via ./splunk-search-trigger.py -h

About

Diagnosability tooling for Splunk, primarily targeted at Universal Forwarders and platforms without support for RapidDiag

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages