The Splunk Product Best Practices team helped produce this response. Read more about example use cases in the Splunk Platform Use Cases manual.

Set up this monitoring example use case to monitor the performance, usage, and availability of containers in your environment.

Load data

How to implement: This example use case depends on data from microservices and containers.

This use case depends on the HTTP Event Collector (HEC) for data collection. To receive data, see the topic Set up and use HTTP Event Collector in Splunk Web in the Getting Data In manual.

After you configure the HEC endpoint, you can send container-related data to Splunk with Splunk Connect for Kubernetes and the Splunk Logging Driver for Docker.

Best practice: For all of the data inputs, specify a desired target index to provide a more sustainable practice for data access controls and retention models. By default, Splunk collects the data in the default index named main.

Get insights

You can download and install the Splunk App for Infrastructure to use pre-built panels to visualize your data and gain insights.

Follow the instructions to configure Kubernetes data collection for Splunk App for Infrastructure in the Splunk App for Infrastructure manual. The Beginner’s Guide to Kubernetes Monitoring is a brief eBook that walks through the technical details and provides rich information about the industry's pivot to containers.

Help

Watch the following video to see how you can use products from Splunk products to monitor your microservice architecture.

For more support, post a question to the Splunk Answers community.