Monitoring Splunk

Example of how to monitor containers?

sloshburch
Splunk Employee

Does anyone have examples of how to use Splunk to monitor containers?

0 Karma
1 Solution

sloshburch
Splunk Employee

The Splunk Product Best Practices team helped produce this response. Read more about example use cases in the Splunk Platform Use Cases manual.

Set up this monitoring example use case to monitor the performance, usage, and availability of containers in your environment.

Load data

How to implement: This example use case depends on data from microservices and containers.

This use case depends on the HTTP Event Collector (HEC) for data collection. To receive data, see the topic Set up and use HTTP Event Collector in Splunk Web in the Getting Data In manual.

After you configure the HEC endpoint, you can send container-related data to Splunk with Splunk Connect for Kubernetes and the Splunk Logging Driver for Docker.

Best practice: For all of the data inputs, specify a desired target index to provide a more sustainable practice for data access controls and retention models. By default, Splunk collects the data in the default index named main.

Get insights

You can download and install the Splunk App for Infrastructure to use pre-built panels to visualize your data and gain insights.

Follow the instructions to configure Kubernetes data collection for Splunk App for Infrastructure in the Splunk App for Infrastructure manual. The Beginner’s Guide to Kubernetes Monitoring is a brief eBook that walks through the technical details and provides rich information about the industry's pivot to containers.

Help

Watch the following video to see how you can use Splunk products to monitor your microservice architecture.
Splunk Kubernetes Monitoring Demo

For more support, post a question to the Splunk Answers community.


0 Karma
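To check that the target-index best practice from the answer above is applied on a Docker host, the following added example (not part of the original post and not Splunk's code) audits the logging configuration that `docker inspect` reports for each container. The function name, the index `containers_prod`, the host `hec.example.internal` and the all-zero token are assumptions made for illustration; the `splunk-*` keys are options of the Splunk Logging Driver for Docker.

```python
import json

# Constructed sample: trimmed `docker inspect` output for three containers.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web", "HostConfig": {"LogConfig": {"Type": "splunk", "Config": {
      "splunk-url": "https://hec.example.internal:8088",
      "splunk-token": "00000000-0000-0000-0000-000000000000",
      "splunk-index": "containers_prod"}}}},
  {"Name": "/worker", "HostConfig": {"LogConfig": {"Type": "splunk", "Config": {
      "splunk-url": "https://hec.example.internal:8088",
      "splunk-token": "00000000-0000-0000-0000-000000000000",
      "splunk-insecureskipverify": "true"}}}},
  {"Name": "/cache", "HostConfig": {"LogConfig": {"Type": "json-file", "Config": {}}}}
]
""")

def audit_log_config(containers, allowed_indexes):
    """Return {container_name: [findings]} for containers that need attention."""
    report = {}
    for c in containers:
        name = c.get("Name", "?").lstrip("/")
        log_cfg = c.get("HostConfig", {}).get("LogConfig", {})
        opts = log_cfg.get("Config") or {}
        findings = []
        if log_cfg.get("Type") != "splunk":
            # Logs stay on the host and never reach the HEC endpoint.
            findings.append("not-forwarded: driver is %r" % log_cfg.get("Type"))
        else:
            index = opts.get("splunk-index")
            if not index:
                findings.append("no-index: events fall back to the default index")
            elif index not in allowed_indexes:
                findings.append("unexpected-index: %s" % index)
            if not opts.get("splunk-url", "").startswith("https://"):
                findings.append("cleartext-hec: splunk-url is not https")
            if opts.get("splunk-insecureskipverify", "false").lower() == "true":
                findings.append("tls-unverified: splunk-insecureskipverify is set")
        if findings:
            report[name] = findings
    return report

if __name__ == "__main__":
    # Hypothetical allow-list of indexes reserved for container data.
    for name, findings in audit_log_config(SAMPLE_INSPECT, {"containers_prod"}).items():
        for finding in findings:
            print(f"{name}: {finding}")
```

On a real host, feed it the parsed output of `docker inspect $(docker ps -q)` instead of the constructed sample.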
