Getting Data In

How do I configure to push application logs from cloud foundry platform to Splunk Enterprise?

divyamudundi
Path Finder

Hello Team,

We are in the process of moving some of our applications from our Software as a Service (SaaS) environment to Pivotal Cloud Foundry. As a part of the process, I need to configure Splunk to push application logs from Cloud Foundry (CF) set up to our Splunk Enterprise.

As of now I have done the following:

  1. Created an Http Event Collector (HEC) on our Indexer.
  2. Installed Splunk Firehose Nozzle in OpsMan and configured it to talk to HEC ( Step-1) . During this setup , I've enabled HttpEventType: cf:logmessage. By this I see platform metrics on my indexer ( like gorouter etc )
  3. Once the tile gets deployed, will just binding the tile to app and restarting app push the application logs to HEC endpoint? Or do I have to specifically configure anything with applications running to send data to a different endpoint in CF and configure that endpoint in Nozzle to push just the application logs?
  4. Am i missing anything in the set up for Splunk Integration with CF to push application logs.

Any help is greatly appreciated.!!!

Thank you,
Divya Mudundi

renjith_nair
SplunkTrust
SplunkTrust

@divyamudundi,
Did it work for you ? We were able to get the metrics to splunk and is working fine with the app

Happy Splunking!
0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...