Splunk App for Nextcloud

A new version of the “Splunk App for Nextcloud” has been released, two new dashboards added. This app is the probably the most complete Nextcloud monitoring solution.

An installation guide can be downloaded here:

To access the Splunk, go to the Splunk App Store:
https://splunkbase.splunk.com/app/3398/

The Splunk app currently has the following dashboards:

  • Overview.
    • Current status of the Nextcloud server (available, in maintenance, web server down, host unavailable).
    • Status breakdown for time period.
    • Successful and failed logins and ratio of the same.
    • Number of defined and active users.
    • Number of total shares and number of file operations.
  • Nextcloud System Information.
    • Information about current Nextcloud server configuration.
    • Timeline of Nextcloud server upgrades.
  • Users.
    • Number of defined and active users.
  • Shares and Storage.
    • Number of shares, federated shares, files and free disk space.
  • Sharing actions.
    • Who has shared (or unshared) what, with whom, how (public, user or group shares) and when.
  • File and Folder Activity.
    • What file or folder operations have been performed by whom, when, from where. Ability to filter the file and folder activity by country and/or user.
  • Public File Access.
    • What has been accessed via public shares, when and from where.
  • Hardware information.
    • CPU load averages, free and used memory, database size.
  • User/Group Operations.
    • When and by whom were users created or deleted, disabled or enabled, added or removed from groups, groups created or deleted.
  • Password Changes.
    • Who has or have had had their password changed, who changed it and from where. What password reset attempts have there been.
  • User Login Activity.
    • Login activity over time and by location. Full login activity audit trail. Ability to filter the login activity by country and/or user.
  • Failed Logins.
    • Failed logins shown from external and from internal IP addresses, over time and by user.
  • File, Folder and User Audit.
    • Complete file and folder audit trail providing answers to questions such as “what file operations did user X perform when?” or “who did what to file Y when?” or "when did user X do something to file Y?
  • Virus Detection.
    • Statistics and information from the “Anti-virus for files” app for Nextcloud.

that sounds quite good.

but why don’t you release it at official app-shop?

A slight misunderstanding, the app is for the Splunk platform, but monitors the Nextcloud platform, hence it is accessible from the Splunk App Store.

Sample dashboard screenshots





:man_facepalming: - my bad. :man_facepalming:

:sunglasses:

Hi there Rickenbacker.
I just created a new instance V23 and the failed log ins are not displaying ? Has Nextcloud moved the log or do the dashboard queries need updating ? All other dashboards are lighting up and I have added the path to audit.log and nextcloud.log.

Thanks in advance.