Monitoring Splunk

Example of how to monitor containers?

sloshburch
Splunk Employee

Does anyone have examples of how to use Splunk to monitor containers?


sloshburch
Splunk Employee

The Splunk Product Best Practices team helped produce this response. Read more about example use cases in the Splunk Platform Use Cases manual.

Set up this monitoring example use case to monitor the performance, usage, and availability of containers in your environment.

Load data

How to implement: This example use case depends on data from microservices and containers.

This use case depends on the HTTP Event Collector (HEC) for data collection. To receive data, see the topic Set up and use HTTP Event Collector in Splunk Web in the Getting Data In manual.

After you configure the HEC endpoint, you can send container-related data to Splunk with Splunk Connect for Kubernetes and the Splunk Logging Driver for Docker.

Best practice: For all of the data inputs, specify a desired target index to provide a more sustainable practice for data access controls and retention models. By default, Splunk collects the data in the default index named main.

Get insights

You can download and install the Splunk App for Infrastructure to use pre-built panels to visualize your data and gain insights.

Follow the instructions to configure Kubernetes data collection for Splunk App for Infrastructure in the Splunk App for Infrastructure manual. The Beginner’s Guide to Kubernetes Monitoring is a brief eBook that walks through the technical details and provides rich information about the industry's pivot to containers.

Help

Watch the following video to see how you can use Splunk products to monitor your microservice architecture.
Splunk Kubernetes Monitoring Demo

For more support, post a question to the Splunk Answers community.
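
Added example, not part of the original post and not Splunk's own code: a sketch of what a forwarder does when it turns Docker `json-file` log lines into HEC events, with the target index set explicitly as the best practice above recommends. The index name `containers`, the sourcetype label, the token placeholder and the sample log lines are assumptions constructed for illustration; nothing is sent over the network.

```python
import json
from datetime import datetime

TARGET_INDEX = "containers"              # assumed dedicated index (hypothetical name)
HEC_PATH = "/services/collector/event"   # HEC JSON event endpoint

# Constructed sample lines in Docker json-file log format.
SAMPLE_LINES = [
    '{"log":"GET /healthz 200\\n","stream":"stdout","time":"2024-05-01T12:00:00.123456789Z"}',
    '{"log":"upstream timeout\\n","stream":"stderr","time":"2024-05-01T12:00:01Z"}',
]

def docker_line_to_hec(raw_line, container, host, index=TARGET_INDEX):
    """Convert one Docker json-file log line into a HEC event dict."""
    # Refuse to fall back to the default index, so access controls and
    # retention can be applied per index.
    if not index or index == "main":
        raise ValueError("set an explicit, non-default target index")
    rec = json.loads(raw_line)
    # Docker writes RFC 3339 UTC timestamps with up to nanosecond precision;
    # normalise the fraction to exactly six digits before parsing.
    head, _, frac = rec["time"].rstrip("Z").partition(".")
    dt = datetime.fromisoformat(f"{head}.{frac[:6].ljust(6, '0')}+00:00")
    return {
        "time": round(dt.timestamp(), 3),   # HEC expects epoch seconds
        "host": host,
        "source": container,
        "sourcetype": "docker:json",        # assumed label, pick your own
        "index": index,
        "event": rec["log"].rstrip("\n"),
        "fields": {"stream": rec["stream"]},
    }

def build_hec_request(events, token):
    """Return (path, headers, body) for one batched HEC POST."""
    # HEC accepts several event objects stacked in a single request body.
    body = "\n".join(json.dumps(e, sort_keys=True) for e in events)
    headers = {
        "Authorization": f"Splunk {token}",
        "Content-Type": "application/json",
    }
    return HEC_PATH, headers, body.encode()

if __name__ == "__main__":
    evs = [docker_line_to_hec(l, "web-1", "node-a") for l in SAMPLE_LINES]
    path, headers, body = build_hec_request(evs, "<HEC_TOKEN_PLACEHOLDER>")
    print(path, headers["Content-Type"])
    print(body.decode())
```

In a real deployment Splunk Connect for Kubernetes or the Splunk Logging Driver for Docker performs this step; the HEC token should also be restricted to the indexes it is allowed to write to.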
