NIX Debian Package (dpkg.log) Dashboard

Description:

I wanted a dashboard that would provide package information across my Ubuntu servers. At this time I have only built this dashboard to review the “dpkg.log”.

In an attempt to help people understand how I build dashboards, I posted a video on YouTube where you can follow along while I build this dashboard out:

Building a Classic Dashboard in Splunk – https://youtu.be/NMfv-nx_5mE

In order to use this dashboard you will need to validate that the field names used in the searches are created. In my environment I am using the “Splunk Add-on for Unix & Linux” to collect all log files from “/var/log”. However, the “Splunk Add-on for Unix & Linux” does not provide the proper entries in the props/transforms to create fields for the “dpkg.log”.

I have recorded a YouTube video that walks through how to configure field extraction on the “dpkg.log”:

Splunk Field Extraction Walkthrough – https://youtu.be/YdM0rZdXJJI
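
To check which fields a given set of extraction patterns actually produces from dpkg.log lines, the sketch below parses a few constructed lines with named-group regexes. It is an added example, not the extraction from the video or the add-on; the field names (`dpkg_action`, `state`, `package`, `arch`, `installed_version`, `available_version`, `startup_type`, `command`) are assumptions and should be replaced with the names the dashboard searches use.

```python
import re

# Field names (dpkg_action, package, arch, ...) are assumptions for this
# example; rename them to whatever your dashboard searches expect.
TS = r"(?P<date>\d{4}-\d{2}-\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) "
PKG = r"(?P<package>[^\s:]+)(?::(?P<arch>\S+))?"

PATTERNS = [
    # <ts> status <state> <package>[:arch] <installed-version>
    re.compile(TS + r"(?P<dpkg_action>status) (?P<state>\S+) " + PKG
               + r" (?P<installed_version>\S+)$"),
    # <ts> <action> <package>[:arch] <installed-version> <available-version>
    re.compile(TS + r"(?P<dpkg_action>install|upgrade|remove|purge|configure|trigproc) "
               + PKG + r" (?P<installed_version>\S+) (?P<available_version>\S+)$"),
    # <ts> startup <type> <command>
    re.compile(TS + r"(?P<dpkg_action>startup) (?P<startup_type>\S+) (?P<command>\S+)$"),
]

# Constructed sample lines in dpkg.log layout (not taken from a real host).
SAMPLE = """\
2024-03-05 06:25:01 startup archives unpack
2024-03-05 06:25:02 upgrade examplepkg:amd64 1.0-1 1.0-2
2024-03-05 06:25:02 status half-configured examplepkg:amd64 1.0-1
2024-03-05 06:25:03 install othertool:all <none> 2:3.1-4
2024-03-05 06:25:05 conffile /etc/example.conf keep
"""

def parse_line(line):
    """Return a dict of extracted fields, or None if no pattern matches."""
    for pattern in PATTERNS:
        m = pattern.match(line.rstrip("\n"))
        if m:
            return {k: v for k, v in m.groupdict().items() if v is not None}
    return None

def parse_log(text):
    """Split a log into parsed events and lines that produced no fields."""
    events, unparsed = [], []
    for line in filter(str.strip, text.splitlines()):
        fields = parse_line(line)
        if fields is None:
            unparsed.append(line)
        else:
            events.append(fields)
    return events, unparsed

if __name__ == "__main__":
    events, unparsed = parse_log(SAMPLE)
    print(events, "\nno extraction:", unparsed)
```

Lines that come back in `unparsed` (here the `conffile` entry) are the ones a dashboard panel built on these fields would silently miss.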

This is my first version of the dashboard and may not be my last version.

This Add-on is not required, but is used to collect the dpkg.log from /var/log:

Splunk Add-on for Unix & Linux – https://splunkbase.splunk.com/app/833/

Dashboard:
