Splunk ITSI
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How do you monitor auto scaling in ec2 instances in Splunk ITSI?

RomeSplunk123
Explorer
‎01-29-2021 07:51 PM

The problem we are running into is, the entity import can not keep up with the transient nature of AWS cloud, where we have auto scaling AWS EC2 instances and containers which get terminated and new ones gets created, but the new entities are not added automatically to services.

How can I solve this issue in ITSI?  Any ideas?

Here is a reference link for what auto scaling is.  Basically we are getting data from CloudWatch and passing it to Splunk, but the things, because thousands of containers are spinning up and down, Splunk somehow doesn't add dynamically such entities into services... 

Is there anyway to overcome this? Or should I be using some other approach to monitor such types of microservices where containers spinning up and down, where one moment they can be in one node the next in another.... yet the entities do not get updated.... every time that happens...    How do other customers monitor micro-services in such case?    Any ideas? 

https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-monitoring.html

Reply

olidare
Engager
‎02-19-2021 02:40 AM

I've also come into this issue, keen to hear if you found a solution

0 Karma
Reply
Get Updates on the Splunk Community!

Detecting Brute Force Account Takeover Fraud with Splunk

This article is the second in a three-part series exploring advanced fraud detection techniques using Splunk. ...

Buttercup Games: Further Dashboarding Techniques (Part 9)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Buttercup Games: Further Dashboarding Techniques (Part 8)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...
Top