Solved: Open Telemetry Exporter to a Cluster

robertlynch2020 · ‎10-07-2021

Hi -

We have been using OT to send data into a single Splunk install and it is working very well.

I am now looking to move this to production and send the data for my Cluster.

3 indexers, but I am unsure how to tell the exporter to do this?
In a forwarder I would give it the host and post of the 3 indexers, but how do I do this in an exporter?

Configure the exportor
exporters:
otlp/aggregation: # push to the aggregator
endpoint: ${AGGREGATOR_HOST}:${AGGREGATOR_PORT}
insecure: true
splunk_hec: # pushed to splunk
token: "a04daf32-68b9-48b2-88a0-6ac53b3ec002"
endpoint: "https://mx33456vm:8088/services/collector"
source: "mx"
sourcetype: "otel"
index: "metrics_test"
insecur...

Thanks for you help in advance 🙂

robertlynch2020 · ‎10-12-2021

IN the end i set up an heavy forwarder and this sent the data to multiple indexers that I had on a cluster

View solution in original post

robertlynch2020 · ‎10-12-2021

IN the end i set up an heavy forwarder and this sent the data to multiple indexers that I had on a cluster

robertlynch2020 · ‎10-07-2021

Or do I just configure one HEC on the cluster and push this on the configuration bundle to all the indexers?

If I do that what is the endpoint - as we are moving from one machine to 3 indexers?

endpoint: "https://mx33456vm:8088/services/collector"

Open Telemetry Exporter to a Cluster

using Splunk Enterprise

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

Join the Conversation

Open Telemetry Exporter to a Cluster

using Splunk Enterprise

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey