Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy
My Account
Login Signup
Support & Services
Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us
My Account
Login Signup
Support & Services
Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

END-USER LICENSE AGREEMENT

Splunk Websites Terms and Conditions of Use

Thank You

Downloading Monitoring Kubernetes - Metrics and Log Forwarding
SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_54200.tgz) 6a8d58007b1cff19e6d8d44a5d46a576eb25c6cc4bc7a558f9c52c6d2d5a435f SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_53190.tgz) 2b7bd42d563ed58fadb9e467e6ba5461830d1a9c8a15dbabe7084898a419f10b SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_52181.tgz) fb3df3709beda6bcd72c9906fdb28d87ef38f5a32e06ad007b4af1909e732e58 SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_52180.tgz) d367f9dc82a764238536dd7ac3a10e2245975f8d9343f63a362231d5d73c9efd SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_52179.tgz) 7a780cf76602e0657bf15e0a1b6603b1831294e879c71ae5e04da2dee3c7acd3 SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_52176.tgz) 468c52438060ee4b0a9ff8a938e3a68bafb453f6f7726210e98eb36dd4c35da8 SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_51175.tgz) d6f58aaaf65d2d423b7b94f1fb15081f9fceec228bc69c911f52c92b3a405475 SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_50174.tgz) 031d687eca59171e08746d3f18a4c5ce992caf5ca71f58d0bb4c9b104fbbd8b0 SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_4024.tgz) 47ad71a95ff7aa8fa38b0b594cf3b88bc489b9db764ce469256e2ce243b78e6e SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_3023.tgz) 41cc9b26d41842c8b5af4cb901c39b8ae1a1070fd9c72ca2eeacb0c7d30ee356 SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_3022.tgz) f0e7ceb233e5d53793449619b46eeed1ffb776b65c06baae2196ba6b651de1b7 SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_2121.tgz) fccf7602c8cffc00685658312f4cb2288eefd45b0f36d721332ddee5ec063140 SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_2120.tgz) cf45a50e8e2a8ff8e57a5895ad8cf352bdb005a51e705df8c210d121571315e2 SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_2017.tgz) fb282385eb07d6b3e2ab87bcb42ad9b357b770aa21cfd97b740a3c9181341b3c SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_103.tgz) 9a894513073be79a39fbcee57cfe9cf3050949c703778e1d9dbc2d0b5cc045ae SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_102.tgz) 2ec596191a1a84e854de38939313d2869473a5c88a2a67af3165d384e114260f SHA256 checksum (monitoring-kubernetes-metrics-and-log-forwarding_101.tgz) cdd51424b7e5dd3bd3d63b12729029c9cac5a8a5e0138171e952d7a88e0a02b9
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Monitoring Kubernetes - Metrics and Log Forwarding

Splunk AppInspect Passed
Overview
Details
Focus on your applications, we will take care of infrastructure monitoring and logs forwarding.

Use cases

- Application Monitoring
- Log Aggregation
- Cluster Health Monitoring
- Security and Audit
- Reduce complexity and improve productivity

With 10 minutes setup, you will get a monitoring solution, that includes log aggregation, performance and system metrics, metrics from the control plane and application metrics, a dashboard for reviewing network activity, and alerts to notify you about cluster or application performance issues.

An application requires Collectord built by Outcold Solutions, see https://www.outcoldsolutions.com/docs/monitoring-kubernetes/

Overview

Outcold Solutions provide solutions for monitoring Kubernetes, OpenShift and Docker clusters in Splunk Enterprise and Splunk Cloud. We offer Splunk applications, which give you insights across all containers environments. We are helping businesses to reduce complexity related to logging and monitoring by providing easy-to-use and deploy solutions for Linux and Windows containers. We deliver applications to help developers monitor their applications and operators to keep their clusters healthy. With the power of Splunk Enterprise and Splunk Cloud, we offer a unique solution to help you keep all the metrics and logs in one place, allowing you to quickly address complex questions on container performance and cluster health.

Description

We provide solutions for monitoring Kubernetes, OpenShift and Docker clusters in Splunk Enterprise and Splunk Cloud. With 10 minutes setup, you will get a monitoring solution, that includes log aggregation, performance and system metrics, metrics from the control plane and application metrics, a dashboard for reviewing network activity, and alerts to notify you about cluster or application performance issues.
All our solutions are powered by the Collectord, a container-native software built by Outcold Solutions that provides capabilities for discovering, transforming and forwarding logs, collecting system metrics, collecting metrics from the control plane of the orchestration frameworks and forwarding network activity. Collectord provides flexible and powerful tools for transforming logs. With our software you can hide sensitive information from the loglines before forwarding them. With Collectord you can reduce the licensing costs associated with logging aggregation by choosing which data you want to forward from the log streams. Collectord forwards container logs, host logs and can discover logs written by the containerized applications.

Use cases

Application Monitoring

See detailed metrics from containers and processes, including performance metrics, utilization metrics and security insights. Forward application-specific metrics, exported in Prometheus format. Use prebuilt Splunk dashboards for a comprehensive overview.

Log Aggregation

Aggregate logs from containers, applications, and servers. Use flexible mappings to filter logs enriched with container metadata, correlate logs with metrics, and leverage Splunk capabilities for analyzing logs. Use Collectord to transform logs before they reach Splunk, remove sensitive information, remove PII data to help keep your logs GDPR compliant. With Collectord you can reduce licensing and storage costs by choosing which loglines you want to forward.

Cluster Health Monitoring

Diagnose cluster issues by looking at historical events, monitoring allocations, and regulating cluster capacity. Leverage pre-built alerts for monitoring the health of the clusters out of the box.

Security and Audit

Define access to the data by clusters, namespaces and even pods or containers. Review network activities, happening inside your cluster, and outside connections. Verify containers running with elevated security permissions. Use audit logs for monitoring changes in deployments.

Reduce complexity and improve productivity

Use one tool to collect and forward logs and metrics required by developers for reviewing performance and health of their applications. With the annotations developers can define how they want to see the data in log aggregation tool, specify multiline log patterns, removing terminal escape codes, override types, sources and indexes.

Links

Release Notes

Version 5.4.200
Dec. 16, 2018

5.4 - 2018-12-17
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.4 or above (see https://www.outcoldsolutions.com for latest configuration)

- Improved: etcd metrics representation for bucket values.
- Fixed: API latency alert - exclude imagestreamimports.
- Compatibility update for collectord 5.4.

Collectord updates:
- New: Attach EC2 metadata fields
- New: Basic Auth for Proxy (License Server and Splunk)
- Fixed: Collectord verifies reports CRI-O as unsupported runtime.
- Fixed: Rare crash on Prometheus metrics definition.
- Fixed: Better handling of acknowledgment database corruption.
- Fixed: When handling incorrect indexes, collectord can send index with an empty string, that Splunk recognize as an incorrect index
Version 5.3.190
Nov. 17, 2018

5.3 - 2018-11-19
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 5.3 or above (see https://www.outcoldsolutions.com for latest configuration)

- Fixed: Improved Workload dashboard. Allows to filter by namespace, see all Pods in a specific namespace, filter by workload label.
- New: Alert for showing when Collectord reports errors in Processing pipelines (as an example if it failed to extract fields).
- New: Alert for showing when Collectord reports warnings.
- Fixed: Add node labels filter to Storage Dashboard and Control Plane Dashboards.
- New: Alert if lag in the indexing of the data.
- New: Splunk Usage (License usage, number of events) report under Setup.
- Fixed: adjusted high amount of errors to Kubernetes API dashboard to make it less verbose.

https://www.outcoldsolutions.com/docs/monitoring-kubernetes/release-history/
Version 5.2.181
Oct. 29, 2018

5.2.180 - 2018-10-29
- Fixed: misprint in the search for showing alerts

5.2.180 - 2018-10-28
- Fixed: lookup with alerts causing very often replication activities on SHC

5.2.179 - 2018-10-17
- Fixed: changed search time for few alerts that cause false positives with indexing lag on large installations

5.2 - 2018-10-15
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 5.2 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: Review/Storage dashboard based on storage metrics and PVC metrics.
- New: predefined alerts to help you monitor the health of the clusters and performance of the applications.
- Fixed: Performance improvements
...

For details https://www.outcoldsolutions.com/docs/monitoring-kubernetes/release-history/
Version 5.2.180
Oct. 28, 2018

5.2.180 - 2018-10-28
- Fixed: lookup with alerts causing very often replication activities on SHC

5.2.179 - 2018-10-17
- Fixed: changed search time for few alerts that cause false positives with indexing lag on large installations

5.2 - 2018-10-15
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 5.2 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: Review/Storage dashboard based on storage metrics and PVC metrics.
- New: predefined alerts to help you monitor the health of the clusters and performance of the applications.
- Fixed: Performance improvements
...

For details https://www.outcoldsolutions.com/docs/monitoring-kubernetes/release-history/
Version 5.2.179
Oct. 17, 2018

5.2.179 - 2018-10-17
- Fixed: changed search time for few alerts that cause false positives with indexing lag on large installations

5.2 - 2018-10-15
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 5.2 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: Review/Storage dashboard based on storage metrics and PVC metrics.
- New: predefined alerts to help you monitor the health of the clusters and performance of the applications.
- Fixed: Performance improvements
...

For details https://www.outcoldsolutions.com/docs/monitoring-kubernetes/release-history/
Version 5.2.176
Oct. 15, 2018

5.2 - 2018-10-15
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 5.2 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: Review/Storage dashboard based on storage metrics and PVC metrics.
- New: predefined alerts to help you monitor the health of the clusters and performance of the applications.
- Fixed: Performance improvements
...

For details https://www.outcoldsolutions.com/docs/monitoring-kubernetes/release-history/
Version 5.1.175
Sept. 17, 2018

- New: Network metrics (MB, Packets, Drops, ​and Errors) for host and containers.
- New: Network socket tables (list of the port that containers and hosts are listening on, connections to external resources).
- New: Network review dashboard to see the list of connection to public services and in private network.
- Improvement: Replace python-based lookup with a macro written with eval.
- Improvement: Visual improvement for showing when the object was Last Seen (highlighting and showing minutes ago).
... and more

https://www.outcoldsolutions.com/docs/monitoring-kubernetes/release-history/
Version 5.0.174
Sept. 4, 2018

Highlights:
- Application logs
- Annotations for fields extraction, hiding sensitive information, time extraction, redirecting to /dev/null, stripping terminal colors and more

For more details:
https://www.outcoldsolutions.com/docs/monitoring-kubernetes/release-history/
Version 4.0.24
May 16, 2018

- New dashboard: Cluster/Audit
- New dashboard: Cluster/Kubernetes API Server
- New dashboard: Cluster/Kubelet
- New dashboard: Cluster/etcd
- New dashboard: Cluster/Scheduler
- New dashboard: Cluster/Controller Manager.
- Include image name, when list containers.
- Added syslog component to the list of host logs.
- Fixed: Include Daemon Set on Overview dashboard, list of namespaces.
Version 3.0.23
Feb. 17, 2018

3.0.23 - bug fixes release

3.0.22

New overview, security and capacity dashboards. Workload aggregation dashboard.
A lot of of bug fixes and performance improvements.

Relese Notes: https://www.outcoldsolutions.com/docs/monitoring-kubernetes/release-history/#30-2018-02-07
Upgrade instructions: https://www.outcoldsolutions.com/docs/monitoring-kubernetes/upgrade-2-to-3/
Requires collectorforkubernetes version 3.0 or above (see https://www.outcoldsolutions.com for latest configuration)
Version 3.0.22
Feb. 8, 2018

New overview, security and capacity dashboards. Workload aggregation dashboard.
A lot of of bug fixes and performance improvements.

Relese Notes: https://www.outcoldsolutions.com/docs/monitoring-kubernetes/release-history/#30-2018-02-07
Upgrade instructions: https://www.outcoldsolutions.com/docs/monitoring-kubernetes/upgrade-2-to-3/
Requires collectorforkubernetes version 3.0 or above (see https://www.outcoldsolutions.com for latest configuration)
Version 2.1.21
Jan. 2, 2018

2.1.21 - 2018-01-02
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 2.1.59.171209 or above
- Updated author and description

2.1.20 - 2017-12-09
--------------------------------------------------------------------------------
- Fixed link to setup / installation instructions.

2.1.18 - 2017-12-09
--------------------------------------------------------------------------------
- Implemented collectors dashboard to track number of collectors, their versions
and used licenses.
- Fallback to the process IO statistics when blkio is not available.
- Fix IO statistic graphs, showed average, when sum should be used.
- Fields extraction support for nginx ingress 0.9 and above.
- [collector] Improved resistance for storage failures.
- [collector] License checks reporting.
- [collector] Better support for openshift environment (default configuration).
Version 2.1.20
Dec. 17, 2017

2.1.20 - 2017-12-09
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 2.1.59.171209 or above

- Fixed link to setup / installation instructions.

2.1.18 - 2017-12-09
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 2.1.59.171209 or above

- Implemented collectors dashboard to track number of collectors, their versions
and used licenses.
- Fallback to the process IO statistics when blkio is not available.
- Fix IO statistic graphs, showed average, when sum should be used.
- Fields extraction support for nginx ingress 0.9 and above.
- [collector] Improved resistance for storage failures.
- [collector] License checks reporting.
- [collector] Better support for openshift environment (default configuration).
Version 2.0.17
Oct. 24, 2017

2.0 - 2017-10-22
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 2.0.37.171023 or above

- Better labels support in Dashboards.
Collector has a breaking feature, replacing format for labels from
`kubernetes_node_labels_LABEL1=VALUE1` to `kubernetes_node_labels=[LABEL1=VALUE1,LABEL2=VALUE2]`.
- Process level metrics.
- Uptime for hosts and processes.
- Fields extraction for kubernetes controller manager and scheduler.
- Fields extraction and support in dashboards for main kubernetes components (setup
host logs collection with collector).
- New top-like dashboards allow to monitor Hosts/Pods/Containers/Processes in realtime.
- Rewritten Kubernetes Objects Dashboards with support of Events and Labels.
- Improved dashboards navigation.
- Support for host logs.
- Other bugs and improvements based on user feedback.
Version 1.0.3
Oct. 13, 2017

Updated links to official documentation for installation instructions.
Version 1.0.2
Oct. 5, 2017

Fix labels on Kubernetes Dashboards (Most of the filters has incorrect label Daemon Sets)
Version 1.0.1
Oct. 4, 2017

Monitoring Kubernetes
197
Installs
1,424
Downloads
Share Subscribe LOGIN TO DOWNLOAD
Version
This version has not passed Splunk AppInspect.
This version has not passed Splunk AppInspect.
This version has not passed Splunk AppInspect.
This version has not passed Splunk AppInspect.
This version has not passed Splunk AppInspect.
This version has not passed Splunk AppInspect.
This version has not passed Splunk AppInspect.
This version has not passed Splunk AppInspect.
This version has not passed Splunk AppInspect.
This version has not passed Splunk AppInspect.
Built by
Outcold Solutions LLC
Category & Contents
Categories: IT Operations, IoT & Industrial Data
App Type: App
Compatibility
Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise Products: Splunk Cloud, Splunk Enterprise
Splunk Versions: 7.2, 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.1, 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.0, 6.6, 6.5 Platform: Platform Independent Splunk Versions: 7.0, 6.6, 6.5 Platform: Platform Independent
Licensing
END-USER LICENSE AGREEMENT
Support
Community Supported
Questions on Splunk Answers Flag as inappropriate
Subscribe Share

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Learn More

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Submit Your App Dev Resources
Follow Us:
© 2005-2018 Splunk Inc. All rights reserved.
Sitemap | Contact | Careers | Privacy | Terms of Use | Export Control | Report a Problem
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.