Splunk Observability Cloud
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk Otel Chart Values.yaml for sending Otel Gateway logs to Splunk

PhuN
Explorer
‎02-28-2024 03:48 PM

how do we enable Otel gateway logs to flow through to Splunk.

 

Even when we use the values.yaml settings noted here, we don't see any logs from the gateway: 

https://github.com/signalfx/splunk-otel-collector-chart/blob/main/examples/collector-gateway-only/co...

 

We're looking to get the gateway logs to get a better understanding of the health of the gateway 

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

maulikp
Splunk Employee
Splunk Employee
‎02-29-2024 09:01 AM

Great! In that case, you can update the existing values.yaml file with following, and redeploy the helm chart:

 

Once you redeploy your helm chart with above changes,

  • You will have gateway running as part of helm chart
  • OTEL agents logs will be collected via daemonset and sent to your backend.

View solution in original post

0 Karma
Reply
Solved! Jump to solution

maulikp
Splunk Employee
Splunk Employee
‎02-28-2024 05:35 PM

You need to include agent logs, and that will collect daemonset, clusterReceiver and gateway logs, you can configure it using this option - https://github.com/signalfx/splunk-otel-collector-chart/blob/main/helm-charts/splunk-otel-collector/...

0 Karma
Reply
Solved! Jump to solution

PhuN
Explorer
‎02-29-2024 08:05 AM

can you provide an example values.yaml with what you have in mind? 

Are you saying it should be this code below? if so, this yaml seems to output gateway logs but its not getting picked up and sent through to splunk.

clusterName: CHANGEME
splunkObservability:
  realm: CHANGEME
  accessToken: CHANGEME

gateway:
  enabled: true
  replicaCount: 1
  resources:
    limits:
      cpu: 2
      memory: 4Gi
agent:
  enabled: false
clusterReceiver:
  enabled: false
logsCollection:
  containers:
    excludeAgentLogs: false

 

0 Karma
Reply
Solved! Jump to solution

maulikp
Splunk Employee
Splunk Employee
‎02-29-2024 08:50 AM

Sorry, I don't have a values.yaml file tailored for your use case. The values.yaml file you shared will only to setup a gateway on K8s cluster, which will not solve the problem you are looking to solve.

Let me ask you this, have you already installed Splunk OTEL helm chart on your K8s cluster, which is already running Daemonset and collecting logs?

0 Karma
Reply
Solved! Jump to solution

PhuN
Explorer
‎02-29-2024 08:54 AM

Yes the Splunk Otel helm chart is already on our K8 cluster and already collecting logs from all agents 

 

0 Karma
Reply
Solved! Jump to solution
Solution

maulikp
Splunk Employee
Splunk Employee
‎02-29-2024 09:01 AM

Great! In that case, you can update the existing values.yaml file with following, and redeploy the helm chart:

 

Once you redeploy your helm chart with above changes,

  • You will have gateway running as part of helm chart
  • OTEL agents logs will be collected via daemonset and sent to your backend.
0 Karma
Reply
Solved! Jump to solution

PhuN
Explorer
‎02-29-2024 10:13 AM

@maulikp Thanks. We're able to confirm gateway logs are now flowing through splunk now by searching for pod names that contain the word gateway
k8s.pod.name=*gateway* 

 

thank you very much

Phu

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Community Content Calendar, September edition

Welcome to another insightful post from our Community Content Calendar! We're thrilled to continue bringing ...

Splunkbase Unveils New App Listing Management Public Preview

Splunkbase Unveils New App Listing Management Public PreviewWe're thrilled to announce the public preview of ...

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you leveraging automation to its fullest potential in your threat detection strategy?Our upcoming Security ...