How do I configure to push application logs from c...

divyamudundi · ‎09-14-2018

Hello Team,

We are in the process of moving some of our applications from our Software as a Service (SaaS) environment to Pivotal Cloud Foundry. As a part of the process, I need to configure Splunk to push application logs from Cloud Foundry (CF) set up to our Splunk Enterprise.

As of now I have done the following:

Created an Http Event Collector (HEC) on our Indexer.
Installed Splunk Firehose Nozzle in OpsMan and configured it to talk to HEC ( Step-1) . During this setup , I've enabled HttpEventType: cf:logmessage. By this I see platform metrics on my indexer ( like gorouter etc )
Once the tile gets deployed, will just binding the tile to app and restarting app push the application logs to HEC endpoint? Or do I have to specifically configure anything with applications running to send data to a different endpoint in CF and configure that endpoint in Nozzle to push just the application logs?
Am i missing anything in the set up for Splunk Integration with CF to push application logs.

Any help is greatly appreciated.!!!

Thank you,
Divya Mudundi

renjith_nair · ‎06-04-2019

@divyamudundi,
Did it work for you ? We were able to get the metrics to splunk and is working fine with the app

Happy Splunking!

How do I configure to push application logs from cloud foundry platform to Splunk Enterprise?

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life

Introducing Splunk Enterprise 9.2