All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk cloud with Azure

kunalchandratre
New Member
‎04-22-2018 03:51 AM

Hi,
Azure monitor add on for plunk - https://github.com/Microsoft/AzureMonitorAddonForSplunk/wiki/Azure-Monitor-Addon-For-Splunk

This specifically talks about integration with splunk Enterprize and NOT splunk CLOUD.
Below are the queries -

  1. Can splunk cloud read data from event hub?
  2. If no for #1 then do we need to configure everything to read from Storage accounts only?
  3. Does after reading from storage account , splunk will delete the data which is already read and ingested in splunk? Or do we have to clean up data from storage account periodically?
0 Karma
Reply

jconger
Splunk Employee
Splunk Employee
‎04-23-2018 04:00 PM

The Azure Monitor Add-on for Splunk can send data to Splunk Cloud. You would need to run the add-on on a Heavy Weight Forwarder that you own. The forwarder would gather data from Azure and forward on to Splunk Cloud.

Splunk does not delete anything from Storage Accounts (or Event Hubs for that matter). The retention polices set in Azure control how long the data stays around in Azure.

0 Karma
Reply

thambisetty
SplunkTrust
SplunkTrust
‎07-26-2018 11:31 AM

Hi jconger,

getting below error while running npm install as part of TA configuration.

npm WARN package.json azure_monitor@1.2.0 No repository field.
npm WARN package.json azure_monitor@1.2.0 No README data
npm ERR! Linux 3.10.0-693.2.2.el7.x86_64
npm ERR! argv "/usr/bin/node" "/usr/bin/npm" "install"
npm ERR! node v0.10.46
npm ERR! npm v2.15.1
npm ERR! code ECONNRESET

npm ERR! network tunneling socket could not be established, cause=read ECONNRESET
npm ERR! network This is most likely not a problem with npm itself
npm ERR! network and is related to network connectivity.
npm ERR! network In most cases you are behind a proxy or have bad network settings.
npm ERR! network
npm ERR! network If you are behind a proxy, please make sure that the
npm ERR! network 'proxy' config is set properly. See: 'npm help config'

npm ERR! Please include the following file with any support request:
npm ERR! /opt/splunk/etc/apps/TA-Azure_Monitor/bin/app/npm-debug.log

————————————
If this helps, give a like below.
0 Karma
Reply

thambisetty
SplunkTrust
SplunkTrust
‎07-26-2018 11:37 AM

fixed this. this is issue with proxy.

Found this useful.

If you are behind a proxy, set it correctly in npm.

>npm config set proxy http://proxyhost:proxyport
>npm config set https-proxy http://proxyhost:proxyport

Notes:
For SSL/https proxies, the protocol in URL should be http not https

I had set https-proxy with https. it was supposed to be http.

————————————
If this helps, give a like below.
0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...