README
¶
Splunk Enterprise Receiver
| Status | |
|---|---|
| Stability | alpha: metrics |
| Distributions | contrib |
| Issues |   |
| Code Owners | @shalper2, @MovieStoreGuy, @greatestusername |
The Splunk Enterprise Receiver is a pull based tool which enables the ingestion of performance metrics describing the operational status of a user's Splunk Enterprise deployment to an appropriate observability tool. It is designed to leverage several different data sources to gather these metrics including the introspection api endpoint and serializing results from ad-hoc searches. Because of this, care must be taken by users when enabling metrics as running searches can effect your Splunk Enterprise Deployment and introspection may fail to report for Splunk Cloud deployments. The primary purpose of this receiver is to empower those tasked with the maintenance and care of a Splunk Enterprise deployment to leverage opentelemetry and their observability toolset in their jobs.
Configuration
The following settings are required, omitting them will either cause your receiver to fail to compile or result in 4/5xx return codes during scraping.
NOTE: These must be set for each Splunk instance type (indexer, search head, or cluster master) from which you wish to pull metrics. At present, only one of each type is accepted, per configured receiver instance. This means, for example, that if you have three different "indexer" type instances that you would like to pull metrics from you will need to configure three different splunkenterprise receivers for each indexer node you wish to monitor.
basicauth(from basicauthextension): A configured stanza for the basicauthextension.auth(no default): String name referencing your auth extension.endpoint(no default): your Splunk Enterprise host's endpoint.
The following settings are optional:
collection_interval(default: 10m): The time between scrape attempts.timeout(default: 60s): The time the scrape function will wait for a response before returning empty.
Example:
extensions:
basicauth/indexer:
client_auth:
username: admin
password: securityFirst
basicauth/cluster_master:
client_auth:
username: admin
password: securityFirst
receivers:
splunkenterprise:
indexer:
auth:
authenticator: basicauth/indexer
endpoint: "https://localhost:8089"
timeout: 45s
cluster_master:
auth:
authenticator: basicauth/cluster_master
endpoint: "https://localhost:8089"
timeout: 45s
exporters:
debug:
verbosity: basic
service:
extensions: [basicauth/indexer, basicauth/cluster_master]
pipelines:
metrics:
receivers: [splunkenterprise]
exporters: [debug]
For a full list of settings exposed by this receiver please look in config.go with a detailed configuration in testdata/config.yaml.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewFactory ¶
Types ¶
type Config ¶
type Config struct {
scraperhelper.ControllerConfig `mapstructure:",squash"`
metadata.MetricsBuilderConfig `mapstructure:",squash"`
IdxEndpoint confighttp.ClientConfig `mapstructure:"indexer"`
SHEndpoint confighttp.ClientConfig `mapstructure:"search_head"`
CMEndpoint confighttp.ClientConfig `mapstructure:"cluster_master"`
}
Source Files
Directories