Splunk integration with grafana

icykewl · ‎05-10-2022

Splunk newbie here!

My usecase is to

1. monitor AWS EC2 webserver metrics (how do I push cpu, iostat, other stats to splunk? I tried to install an app/addon. But the dashboards are empty. I need some help building the graphs, populating metrics.

2. integrate splunk with grafana. (I was able to successfuly connect splunk as a datasource but not sure how to build the dashboards in grafana for splunk data).

any advise/recommendations to accomplish this is appreciated.

Roy_9 · ‎05-10-2022

@icykewl hello,

To answer your first question, if you would like to collect linux or windows VM metrics, you could deploy splunk add-on for unix/linux or splunk add-on for windows on these AWS ec2 machines and then turn on inputs.conf available in these add-ons.

Once these add-ons are configured, you could install splunk app for unix/linux or splunk app for windows to populate those pre built dashboards.

If you are exclusively looking for aws metrics, you could deploy the splunk add-on for aws on the web server and then turn on inputs and configure splunk app for aws.

Aws add-on fetches you most of the metrics.
https://splunkbase.splunk.com/app/1876/#/overview

2nd question:

Below plug in helps with your second request.
https://grafana.com/grafana/plugins/grafana-splunk-monitoring-datasource/

Thanks

Splunk integration with grafana

chart

stats

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?