Skip to content
This repository has been archived by the owner on May 13, 2020. It is now read-only.

mr-menno/Splunk_TA_Cacti

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits

bin

bin

 
 

default

default

 
 

lookups

lookups

 
 

metadata

metadata

 
 

static

static

 
 

README.md

README.md

 
 

Repository files navigation

No Longer Maintained. Please fork and update, or keep a copy for your reference

Cacti Mirage Add-On for Splunk v1.0.1

Setup and Install

This TA is deployed on Forwarders, Indexers and Search Heads.

Indexer

This TA can be deployed to the indexer without any further changes. It is recommended to create a new index called cacti. An indexes.conf file is not included with this TA.

Search Head

Install and Deploy the app to the search head.

On the search head, the add-on will provide:

  • search time extractions, lookups, macros and event types

To complete the install, you will need to update the follow:

  • macros.conf
    • cacti_index: replace index=cacti with the appropriate index

Cacti Server / Universal Forwarder

To complete the ingestion of data, deploy the Splunk_TA_Cacti to the forwarder installed on the same host as your Cacti implementation. If you have multiple installs, you can deploy it across multiple Cacti servers.

For this add-on to work, you will need to have installed the Cacti Mirage plugin to the Cacti servers.

Cacti Mirage: http://docs.cacti.net/userplugin:mirage Cacti Mirage Github: https://github.com/n00badmin/mirage

In addition, you will need the following information:

  • Path to Cacti install (i.e. /var/www/html/cacti or /usr/share/lib/cacti)
  • Path to mirage_poller_output.log (i.e /var/www/html/cacti/log/mirage_poller_output.log)
  • Index to send data to (either default or index=cacti, etc)

For deploying the add-on, copy the following files from the default directory to the local directory.

  • inputs.conf

Edit the local/inputs.conf file and make the following changes:

  • enable all inputs stanzas: change disabled = true to disabled = false
  • modify all stanzas to reflect the appropriate destination index (i.e. index=cacti)
  • [monitor:///usr/share/cacti/log/mirage_poller_output.log*]
    • Set to the correct path to the mirage_poller_output.log file. This file is generated by the Cacti Mirage plugin
  • [monitor:///usr/share/cacti/log/cacti.log]
    • Set to the correct path to the cacti.log file, which is most likely in the log/ folder inside the Cacti install.
  • [script://./bin/cacti_lookup_mirage.py /usr/share/cacti]
    • Change /usr/share/cacti to the folder where you installed Cacti

Copyright

Copyright 2016 Matthew Modestino, Philippe Tang, Menno Vanderlist

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

3 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages