uberAgent maintains a very detailed and informative log file that can tell you a lot not only about uberAgent’s health but also about the machine uberAgent is running on. Naturally the log file is stored locally on the computer uberAgent is running on which makes analysis and troubleshooting a bit difficult in large environments. But luckily it is very easy to solve that problem with Splunk!
What is it?
uberAgent Log Collector is a set of associated Splunk apps that collect the data logged by uberAgent, send it to Splunk for indexing and provide dashboards for easy access.
uberAgent Log Collector consists of the actual app containing the dashboards, a supporting add-on (SA) that creates the index and a technology add-on (TA) for collecting the data. These three components need to be installed on the following systems:
- App: search head(s)
- SA: indexer(s)
- TA: endpoints where uberAgent is deployed
The TA requires Splunk’s Universal Forwarder to be installed on the same machine. The app requires Splunk’s Web Framework (included in Splunk 6.x, separate install for 5.x).
The uberAgent Log Collector apps are available in the Splunk App Directory:
Download uberAgent Log Collector app
Download uberAgent Log Collector SA
Download uberAgent Log Collector TA
Do you have questions that were not answered here? Please ask us, we are happy to help!