Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to collect output from "rpm -qa --list" command into Splunk?

joesrepsol
Path Finder
‎11-02-2018 08:04 AM

Hello!

Looking to do some patch monitoring on our *nix boxes and find the "rpm -qa --list" command extremely useful. But struggling to find the best way to get this information into Splunk from all our forwarders. Can I have splunk run this command and ingest the output?

Thought of using another tool to collect the output and store in DB somewhere, then use DB Connect to ingest, but was hoping to skip a step. Thoughts? Suggestions?

Thanks everyone!

(Splunk Enterprise 7.1 Deployment)

Joe

0 Karma
Reply

ddrillic
Ultra Champion
‎11-02-2018 08:08 AM

Please use the Setting up a scripted input approach.

0 Karma
Reply

joesrepsol
Path Finder
‎11-02-2018 08:21 AM

Reading thru that now... hadn't figured out exactly how I would be able to run this rpm command using python. Output is pretty basic.. 2 columns. If I could grab that output and throw into an index that would be awesome.

Anymore help on how to do just that?

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Your Guide to SPL2 at .conf24!

So, you’re headed to .conf24? You’re in for a good time. Las Vegas weather is just *chef’s kiss* beautiful in ...