Discussing scripted inputs
Scripted inputs are useful for indexing transient/temporary data that cannot be collected through file/directory monitoring or network inputs. Scripted inputs collect data from transient sources and then either write the collected data to a file or forward it directly to an indexer. Let’s go through some facts about this input type:
- Scripted inputs require a UF agent or Splunk Enterprise instance (HF) to execute the scripts.
- Data can be gathered from transient sources, such as operating system commands. The top, vmstat, netstat, and iostat commands all leverage this type of input, which is configured within the Splunk add-on for Unix and Linux available to download from http://splunkbase.splunk.com. The Windows technology add-on (TA) relies on this input type to gather Windows Active Directory (AD) logs, registry logs, WinEventLogs, and so on. Logs from remote APIs can also be pulled using scripts.
- Popular script types are supported...
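
An added example, not code from this text or from any Splunk add-on: a minimal scripted input that runs netstat and writes one timestamped key=value event per TCP state to stdout, which is what Splunk indexes. The script name, app path, sourcetype and index in the commented inputs.conf stanza are hypothetical, and the netstat sample is constructed for a dry run.

```shell
#!/bin/sh
# Scripted input sketch: Splunk runs this script on a schedule and indexes
# whatever it writes to stdout.
#
# Assumed inputs.conf stanza (app name, sourcetype and index are hypothetical):
#   [script://$SPLUNK_HOME/etc/apps/my_app/bin/tcp_states.sh]
#   interval = 60
#   sourcetype = tcp_states
#   index = os
#   disabled = 0

# Read `netstat -an` style lines on stdin and print one event per TCP state,
# each prefixed with the timestamp passed as $1.
summarise_states() {
    awk -v ts="$1" '
        $1 ~ /^tcp/ && NF >= 6 { count[$6]++ }   # skip header, UDP, short lines
        END { for (s in count) printf "%s state=%s count=%d\n", ts, s, count[s] }
    ' | sort
}

# Constructed sample input, used only for a dry run with --sample.
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:22             10.0.0.9:51514          ESTABLISHED
tcp        0      0 10.0.0.5:8089           10.0.0.7:40022          ESTABLISHED
tcp6       0      0 :::8000                 :::*                    LISTEN
tcp        0      0 10.0.0.5:443            10.0.0.8:33010          TIME_WAIT
udp        0      0 0.0.0.0:514             0.0.0.0:*
EOF
}

now=$(date -u +%Y-%m-%dT%H:%M:%SZ)
if [ "${1:-}" = "--sample" ]; then
    sample_netstat | summarise_states "$now"
elif command -v netstat >/dev/null 2>&1; then
    # Errors go to stderr so they are not written into the event stream.
    netstat -an 2>/dev/null | summarise_states "$now"
else
    echo "netstat not found" >&2
fi
```

Running the script with `--sample` before deploying it shows exactly what would be indexed without touching the live host state.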