Splunk Search

What are the possibilities to achieve Thread Dump & Heap Dump Log Collection?

ramanan
Engager

Hi All,

I need to collect "Thread Dump" and "Heap Dump" of the application into Splunk.  What are all the possibilities to achieve it?

0 Karma

yuanliu
SplunkTrust
SplunkTrust

You don't ask for "all" possibilities because there are too many, albeit enumerable.  The usual way to collect thread dump would be to run kill -3 periodically and just collect JVM logs. (I assume that you really want to collect data at predetermined intervals.)  Then, use Splunk to find them.  Alternatively, you can run jstack and dump output to files, then use forwarder to collect those files.  Alternatively, you can send output to HEC or Splunk API.

To collect heap dump, I assume that you just want histograms, not full object dumps. (The latter is destructive.)  One way to do this is to run jmap periodically and dump output to a file, then use forwarder to collect those files.  Another way is to run those commands then send output to HEC, or Splunk API.

0 Karma
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...