splunkenterprisereceiver

package module

v0.114.0 Latest Latest Go to latest Published: Nov 18, 2024 License: Apache-2.0 Imports: 23 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/open-telemetry/opentelemetry-collector-contrib

Links

Open Source Insights

README ¶

Splunk Enterprise Receiver

Status
Stability	alpha: metrics
Distributions	[]
Issues
Code Owners	@shalper2, @MovieStoreGuy, @greatestusername

The Splunk Enterprise Receiver is a pull based tool which enables the ingestion of performance metrics describing the operational status of a user's Splunk Enterprise deployment to an appropriate observability tool. It is designed to leverage several different data sources to gather these metrics including the introspection api endpoint and serializing results from ad-hoc searches. Because of this, care must be taken by users when enabling metrics as running searches can effect your Splunk Enterprise Deployment and introspection may fail to report for Splunk Cloud deployments. The primary purpose of this receiver is to empower those tasked with the maintenance and care of a Splunk Enterprise deployment to leverage opentelemetry and their observability toolset in their jobs.

Configuration

The following settings are required, omitting them will either cause your receiver to fail to compile or result in 4/5xx return codes during scraping.

NOTE: These must be set for each Splunk instance type (indexer, search head, or cluster master) from which you wish to pull metrics. At present, only one of each type is accepted, per configured receiver instance. This means, for example, that if you have three different "indexer" type instances that you would like to pull metrics from you will need to configure three different splunkenterprise receivers for each indexer node you wish to monitor.

basicauth (from basicauthextension): A configured stanza for the basicauthextension.
auth (no default): String name referencing your auth extension.
endpoint (no default): your Splunk Enterprise host's endpoint.

The following settings are optional:

collection_interval (default: 10m): The time between scrape attempts.
timeout (default: 60s): The time the scrape function will wait for a response before returning empty.

Example:

extensions:
    basicauth/indexer:
        client_auth:
            username: admin
            password: securityFirst
    basicauth/cluster_master:
        client_auth:
            username: admin
            password: securityFirst

receivers:
    splunkenterprise:
        indexer:
            auth: 
              authenticator: basicauth/indexer
            endpoint: "https://localhost:8089"
            timeout: 45s
        cluster_master:
            auth: 
              authenticator: basicauth/cluster_master
            endpoint: "https://localhost:8089"
            timeout: 45s

exporters:
  debug:
    verbosity: basic

service:
  extensions: [basicauth/indexer, basicauth/cluster_master]
  pipelines:
    metrics:
      receivers: [splunkenterprise]
      exporters: [debug]

For a full list of settings exposed by this receiver please look here with a detailed configuration here.

Documentation ¶

Constants ¶

View Source

const (
	// unknown/failed values
	KVStatusUnknown        = "unknown"
	KVRestoreStatusUnknown = "Unknown status"
	KVBackupStatusFailed   = "Failed"
)

'/services/kvstore/status'

Variables ¶

This section is empty.

Functions ¶

func NewFactory ¶

func NewFactory() receiver.Factory

Types ¶

type Config ¶

type Config struct {
	scraperhelper.ControllerConfig `mapstructure:",squash"`
	metadata.MetricsBuilderConfig  `mapstructure:",squash"`
	IdxEndpoint                    confighttp.ClientConfig `mapstructure:"indexer"`
	SHEndpoint                     confighttp.ClientConfig `mapstructure:"search_head"`
	CMEndpoint                     confighttp.ClientConfig `mapstructure:"cluster_master"`
}

func (*Config) Validate ¶

func (cfg *Config) Validate() (errors error)

type DispatchArtifactContent ¶ added in v0.113.0

type DispatchArtifactContent struct {
	AdhocCount         string `json:"adhoc_count"`
	ScheduledCount     string `json:"scheduled_count"`
	SavedSearchesCount string `json:"ss_count"`
	CompletedCount     string `json:"completed_count"`
	IncompleteCount    string `json:"incomple_count"`
	InvalidCount       string `json:"invalid_count"`
	InfoCacheSize      string `json:"cached_job_status_info_csv_size_mb"`
	StatusCacheSize    string `json:"cached_job_status_status_csv_size_mb"`
	CacheTotalEntries  string `json:"cached_job_status_total_entries"`
}

type DispatchArtifactEntry ¶ added in v0.113.0

type DispatchArtifactEntry struct {
	Content DispatchArtifactContent `json:"content"`
}

type DispatchArtifacts ¶ added in v0.113.0

type DispatchArtifacts struct {
	Entries []DispatchArtifactEntry `json:"entry"`
}

'/services/server/status/dispatch-artifacts'

type IdxEBucketDirs ¶ added in v0.87.0

type IdxEBucketDirs struct {
	Cold   IdxEBucketDirsDetails `json:"cold"`
	Home   IdxEBucketDirsDetails `json:"home"`
	Thawed IdxEBucketDirsDetails `json:"thawed"`
}

type IdxEBucketDirsDetails ¶ added in v0.87.0

type IdxEBucketDirsDetails struct {
	Capacity        string `json:"capacity"`
	EventCount      string `json:"event_count"`
	EventMaxTime    string `json:"event_max_time"`
	EventMinTime    string `json:"event_min_time"`
	HotBucketCount  string `json:"hot_bucket_count"`
	WarmBucketCount string `json:"warm_bucket_count"`
	WarmBucketSize  string `json:"warm_bucket_size"`
}

type IdxEContent ¶ added in v0.87.0

type IdxEContent struct {
	TotalBucketCount string         `json:"total_bucket_count"`
	TotalEventCount  int            `json:"totalEventCount"`
	TotalSize        string         `json:"total_size"`
	TotalRawSize     string         `json:"total_raw_size"`
	BucketDirs       IdxEBucketDirs `json:"bucket_dirs"`
}

type IdxEEntry ¶ added in v0.87.0

type IdxEEntry struct {
	Name    string      `json:"name"`
	Content IdxEContent `json:"content"`
}

type IdxQContent ¶ added in v0.87.0

type IdxQContent struct {
	CurrentSize      int `json:"current_size"`
	CurrentSizeBytes int `json:"current_size_bytes"`
	LargestSize      int `json:"largest_size"`
	MaxSizeBytes     int `json:"max_size_bytes"`
}

type IndexesExtended ¶ added in v0.87.0

type IndexesExtended struct {
	Entries []IdxEEntry `json:"entry"`
}

'/services/data/indexes-extended'

type IntrQEntry ¶ added in v0.87.0

type IntrQEntry struct {
	Name    string      `json:"name"`
	Content IdxQContent `json:"content"`
}

type IntrospectionQueues ¶ added in v0.87.0

type IntrospectionQueues struct {
	Entries []IntrQEntry `json:"entry"`
}

'/services/server/introspection/queues'

type KVEntry ¶ added in v0.113.0

type KVEntry struct {
	Content KVStatus `json:"content"`
}

type KVService ¶ added in v0.113.0

type KVService struct {
	Status string `json:"status"`
}

type KVStatus ¶ added in v0.113.0

type KVStatus struct {
	Current   KVStoreCurrent `json:"current"`
	KVService KVService      `json:"externalKVStore,omitempty"`
}

type KVStoreCurrent ¶ added in v0.113.0

type KVStoreCurrent struct {
	Status              string `json:"status"`
	BackupRestoreStatus string `json:"backupRestoreStatus"`
	ReplicationStatus   string `json:"replicationStatus"`
	StorageEngine       string `json:"storageEngine"`
}

type KVStoreStatus ¶ added in v0.113.0

type KVStoreStatus struct {
	Entries []KVEntry `json:"entry"`
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
internal
metadata

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL