When is SSDFHFS file actually needed to run Ironstream for Splunk?

View Only

Back to discussions

Expand all | Collapse all

When is SSDFHFS file actually needed to run Ironstream for Splunk?

1. When is SSDFHFS file actually needed to run Ironstream for Splunk?

Like
Alan Jones
Posted 07-07-2023 16:39

Reply Reply Privately
Hello,

I am still fairly new to Ironstream for Splunk. We are looking to change how we have Splunk set up on our different systems and I'm trying to figure out if we actually need the SSDFHFS file mounted, and if so, in what mode.

The documentation says Ironstream needs the SSDFHFS file when using IDT, DCE, and Log4j appender.

I have no idea of what those things are or when they would be used.

I currently have Ironstream for Splunk installed with the SDFAPI, SDFLOG, SDFSMF, and SDFSYS forwarder tasks running.

Do any of those tasks make use of IDT, DCE, or the Log4j appender? I'm thinking not, but I really don't know that much about Ironstream. I basically just installed it and set up the started tasks for someone else that was more familiar with Ironstream.

If IDE, DCE, or the Log4j appender are not being used, can I get by without mounting the SSDFHFS file system?

Thank you,

------------------------------
Alan Jones
FIDELITY NATIONAL INFORMATION SERVICES INC
LITTLE ROCK AR
------------------------------
2. RE: When is SSDFHFS file actually needed to run Ironstream for Splunk?

Like
Ian Hartley
Posted 07-10-2023 12:48

Reply Reply Privately
Hello Alan,

Thank you for reaching out.

As far as I am aware, yes, you can run Ironstream without mounting SSDFHFS. However, you will most likely run into issues if you later decide to make use of the IDT (RMF III), USS (Unix files) or Log4j support. If you want further technical detail please raise a ticket with our Support Team.

I have noted your question and will look to get a Knowledge Base Article created or documentation update applied to cover this topic for future reference.

------------------------------
Ian Hartley
Senior Director, Product Management
Precisely Software Inc.
------------------------------
3. RE: When is SSDFHFS file actually needed to run Ironstream for Splunk?

Like
Alan Jones
Posted 07-10-2023 13:39

Reply Reply Privately
Thank you for the information.

If you are going to add a Knowledge Base Article on this, it would be nice if it would specify what processes use IDT, DCE, and Log4j support, as I have no idea what does use those features.

I appreciate your help.

Alan

Original Message
4. RE: When is SSDFHFS file actually needed to run Ironstream for Splunk?

Like
Ian Hartley
Posted 07-10-2023 13:59

Reply Reply Privately
No problem at all. Very happy to help at any time.

The Configuration and User Guide covers the items in the "Ironstream Components" section starting on page 12.

IDT - Ironstream Desktop. This is a browser-based UI for configuring the RMF III metrics you wish to collect and forward. There are a many to choose from.

DCE - Data Collection Extension. An extension to the main data collector to capture RMF III and USS data.

Log4j - logging utility, typically for, but not limited to, OS and Java program output.

These are separate, optional items because not all customers make use of them. Whereas most customers use SMF, SYSLOG, etc.

------------------------------
Ian Hartley
Senior Director, Product Management
Precisely Software Inc.
------------------------------

Original Message

Ironstream

When is SSDFHFS file actually needed to run Ironstream for Splunk?

Alan Jones07-07-2023 16:39

Ian Hartley07-10-2023 12:48

Alan Jones07-10-2023 13:39

Ian Hartley07-10-2023 13:59

1. When is SSDFHFS file actually needed to run Ironstream for Splunk?

2. RE: When is SSDFHFS file actually needed to run Ironstream for Splunk?

3. RE: When is SSDFHFS file actually needed to run Ironstream for Splunk?

4. RE: When is SSDFHFS file actually needed to run Ironstream for Splunk?

About Precisely

Customer Support

Copyright ©2026 Precisely. All rights reserved worldwide.