Getting Data In

How do I configure to push application logs from cloud foundry platform to Splunk Enterprise?

Path Finder

Hello Team,

We are in the process of moving some of our applications from our Software as a Service (SaaS) environment to Pivotal Cloud Foundry. As a part of the process, I need to configure Splunk to push application logs from Cloud Foundry (CF) set up to our Splunk Enterprise.

As of now I have done the following:

  1. Created an Http Event Collector (HEC) on our Indexer.
  2. Installed Splunk Firehose Nozzle in OpsMan and configured it to talk to HEC ( Step-1) . During this setup , I've enabled HttpEventType: cf:logmessage. By this I see platform metrics on my indexer ( like gorouter etc )
  3. Once the tile gets deployed, will just binding the tile to app and restarting app push the application logs to HEC endpoint? Or do I have to specifically configure anything with applications running to send data to a different endpoint in CF and configure that endpoint in Nozzle to push just the application logs?
  4. Am i missing anything in the set up for Splunk Integration with CF to push application logs.

Any help is greatly appreciated.!!!

Thank you,
Divya Mudundi


Did it work for you ? We were able to get the metrics to splunk and is working fine with the app

Happy Splunking!
0 Karma
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...