Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to configure Splunk app for Jenkins?

bsuresh1
Path Finder
‎03-28-2017 12:45 AM

Hi All,
I have been asked to install "Splunk app for Jenkins" in my environment. I have installed it on Search Head 1 (SH1) as that is the SH where all my customers have access and they run reports, searches, create dashboards, etc.,

After installing the app, my customer have asked to provide below three information as in the below documentation:
link:(https://wiki.jenkins-ci.org/display/JENKINS/Splunk+Plugin+for+Jenkins)

  1. Indexer host name
  2. HTTP Input port
  3. HTTP Input Token

As I have 8 indexers in my environment, I have thought of giving any one indexer name but while creating a HTTP token as per the below link, I am being asked to mention index name and source type as per the below documentation. Atleast I will give sourcetype as Automatic but I want to know which index to be selected. As the HTTP token generation was being done on SH1, it showed few new indexes like jenkins, jenkins_artifact, jenkins_console and jenkins_statistics. I believe these got created while installing the jenkins app.
Link:(http://dev.splunk.com/view/event-collector/SP-CAAAE7C)

In this case, should I give "Indexer host name" or "Search Head name" to the customer as the data from Jenkins is going to be sent to "Jenkins" index which is on SH1.

I tried to create the http token on Indexer1 but it is not populating four jenkins indexes which I mentioned above.

Is it good practise to install this type of Apps on SH?
Is the port 8088 is default port? Can this be changed? If yes, how?

0 Karma
Reply

hardikJsheth
Motivator
‎03-30-2017 10:20 PM

No thats not the right practise. Ideally data collection should not happen on Search Head Node. It should take place on Heavy Forwarder.

If you use Heavy Forwarder, you will need to give that host name to your customer to configure data inputs on Jenkins server.

0 Karma
Reply

txiao_splunk
Splunk Employee
Splunk Employee
‎03-30-2017 10:13 PM

I think below link may help
High volume HTTP Event Collector data collection using distributed deployment
Configure an NGINX load balancer for HTTP Event Collector

You can setup a load balancer to forward data to 8 indexers and use that load balancer address as input host name in the plugin config, and load balancer port (maybe 443) as input port.

You need create the 4 indexes (jenkins, jenkins_artifact, jenkins_console and jenkins_statistics) manually if the app is not installed on indexer.
You can also change the default port 8088, see the screenshot on HEC setup

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...

Updated Data Management and AWS GDI Inventory in Splunk Observability

We’re making some changes to Data Management and Infrastructure Inventory for AWS. The Data Management page, ...