icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Monitoring OpenShift - Metrics and Log Forwarding
SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_59240.tgz) 2e5dcfb06c7a9a4622df30fa628e1cf71bfbf48c75587edbb5b61aac223b3b86 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_58231.tgz) 5069fdd59603862d9e2dc3daee38451dbe2f264f7b5fb7403e91c74f8a5dd428 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_58230.tgz) 91a4abf74a7fcfaa1658845233df5168b32023c1911804c43c6ad7f58fb24e3c SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_57220.tgz) 99f13a1084a7ad95356c0e0c234612c4a6faee29b768cd28a094ca10717a3060 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_56212.tgz) dcec197124cd6d778741f7ebaf6c36a8d4559dd0283d496cefd7471363950820 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_55202.tgz) ded6f6d9d6484a1c6643ceb19e1cae73829ec9fadf971f3057884240f3756a51 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_54201.tgz) 86ac71ba4f5897bc4a4a90e27d5c1124ada68dbffffd9b19a5c6339d6212e59d SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_54200.tgz) 49558865070a730b16dd8b5148af0cd8dc799cde7b653a5b8ffe3204c3092acf SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_53190.tgz) fa5c4114289ca862ea21896df6f56b864e8cc8c4ee4217d780123f88bea443ee SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_52180.tgz) 2bbce4d745de714d29cbfdec5ce5b2c9c24704f69dd070f448c90410501916b4 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_52179.tgz) 452c3bf03fb88219781ebdb3929425525856f6be8ddbf39d1d287adbf1af4460 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_52177.tgz) d0ae68786322b55c59edd7597798154433e7bc490b7e9dc38ea377529dc6fd5d SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_51175.tgz) 4d6e4b0280f88d270e4b1f1d0dcc40e27e395184333b007a0859b2a4b4c8b827 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_50174.tgz) 7c140b11309feeabd8be487dc14750a652a218e11b433ef9b9c616e98bd5d500 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_4024.tgz) e77fc147b1f9aad064a9df98448a5e977cb1fd900dd096b02278fd42aca31da8 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_3023.tgz) 4cb4a11ed1c9e8453963f3fca8502ac3f2ac1fa92539e55b4b9e6e193f6eb497 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_3022.tgz) 3c87ebfe93280456846b618145fcbe16a9290a6abf4d0fc0b0395ed9df307d16 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_2121.tgz) 7275beb762f5bb9c97222a15a9b3989f39b7478681fadf3b4788eef62f515368 SHA256 checksum (monitoring-openshift-metrics-and-log-forwarding_2118.tgz) 471ae3531b6101363c4b8a6a73bc58fd1a2e73963690ec7e8db8484eda7e0384
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Monitoring OpenShift - Metrics and Log Forwarding

Splunk AppInspect Passed
Overview
Details
Focus on your applications, we will take care of infrastructure monitoring and logs forwarding.

Use cases

- Application Monitoring
- Log Aggregation
- Cluster Health Monitoring
- Security and Audit
- Reduce complexity and improve productivity

With 10 minutes setup, you will get a monitoring solution, that includes log aggregation, performance and system metrics, metrics from the control plane and application metrics, a dashboard for reviewing network activity, and alerts to notify you about cluster or application performance issues.

An application requires Collectord built by Outcold Solutions, see https://www.outcoldsolutions.com/docs/monitoring-openshift/

Overview

Outcold Solutions provide solutions for monitoring Kubernetes, OpenShift and Docker clusters in Splunk Enterprise and Splunk Cloud. We offer Splunk applications, which give you insights across all containers environments. We are helping businesses to reduce complexity related to logging and monitoring by providing easy-to-use and deploy solutions for Linux and Windows containers. We deliver applications to help developers monitor their applications and operators to keep their clusters healthy. With the power of Splunk Enterprise and Splunk Cloud, we offer a unique solution to help you keep all the metrics and logs in one place, allowing you to quickly address complex questions on container performance and cluster health.

Description

We provide solutions for monitoring Kubernetes, OpenShift and Docker clusters in Splunk Enterprise and Splunk Cloud. With 10 minutes setup, you will get a monitoring solution, that includes log aggregation, performance and system metrics, metrics from the control plane and application metrics, a dashboard for reviewing network activity, and alerts to notify you about cluster or application performance issues.
All our solutions are powered by the Collectord, a container-native software built by Outcold Solutions that provides capabilities for discovering, transforming and forwarding logs, collecting system metrics, collecting metrics from the control plane of the orchestration frameworks and forwarding network activity. Collectord provides flexible and powerful tools for transforming logs. With our software you can hide sensitive information from the loglines before forwarding them. With Collectord you can reduce the licensing costs associated with logging aggregation by choosing which data you want to forward from the log streams. Collectord forwards container logs, host logs and can discover logs written by the containerized applications.

Use cases

Application Monitoring

See detailed metrics from containers and processes, including performance metrics, utilization metrics and security insights. Forward application-specific metrics, exported in Prometheus format. Use prebuilt Splunk dashboards for a comprehensive overview.

Log Aggregation

Aggregate logs from containers, applications, and servers. Use flexible mappings to filter logs enriched with container metadata, correlate logs with metrics, and leverage Splunk capabilities for analyzing logs. Use Collectord to transform logs before they reach Splunk, remove sensitive information, remove PII data to help keep your logs GDPR compliant. With Collectord you can reduce licensing and storage costs by choosing which loglines you want to forward.

Cluster Health Monitoring

Diagnose cluster issues by looking at historical events, monitoring allocations, and regulating cluster capacity. Leverage pre-built alerts for monitoring the health of the clusters out of the box.

Security and Audit

Define access to the data by clusters, namespaces and even pods or containers. Review network activities, happening inside your cluster, and outside connections. Verify containers running with elevated security permissions. Use audit logs for monitoring changes in deployments.

Reduce complexity and improve productivity

Use one tool to collect and forward logs and metrics required by developers for reviewing performance and health of their applications. With the annotations developers can define how they want to see the data in log aggregation tool, specify multiline log patterns, removing terminal escape codes, override types, sources and indexes.

Links

Release Notes

Version 5.9.240
May 13, 2019

5.9.240 - 2019-05-14
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.9.240 or above (see https://www.outcoldsolutions.com for latest configuration)

- Visual improvements on the graphs for the number of logs and events
- New alerts for the CPU and Memory reservation

Collectord updates:

- Support for multiple Splunk destinations (outputs)
- Support subdomains for annotations (to deploy multiple collectord instances)
- Support for streaming objects from Kubernetes API to Splunk
- Bug fix: journald input keeps fd open to the rotated files
- Bug fix: fix in the annotation parser for the interval annotations
- Bug fix: fix splunk url selection configuration for multiple splunk URLs

Version 5.8.231
April 25, 2019

5.8.231 - 2019-04-25
--------------------------------------------------------------------------------
- Bug fix: Collectord usage report shows trial licenses for all instances

Version 5.8.230
April 20, 2019

5.8.230 - 2019-04-22
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.8.230 or above (see https://www.outcoldsolutions.com for latest configuration)

- Use multiselect filters for most dashboards and filters with possibility to input custom filters.
- Reduce dedup usage to improve performance on dashboards.
- Add critical pod annotations for OpenShift ...3.10, and priority class for OpenShift 3.11...
- Fix: statefulset dashboard does not show data with filters.
- Add graph of number of pods per namespace on Overview dashboard.

Collectord updates:

- Bug fix: clogging collectord output with errors when incorrect index is used.
- Bug fix: short lived containers can results in duplicating logs.
- Bug fix: clogging collectord output with warnings when kernel reports incorrect VmRss size.
- Bug fix: annotations cannot override timestamp location for fields extraction.
- Bug fix: verify command reports Journald input in incorrect place.
...

Version 5.7.220
March 16, 2019

Requires collectorforopenshift version 5.7.220 or above (see https://www.outcoldsolutions.com for latest configuration)

- Review savedsearches/alerts to support indexing delay (start searches from 2 minutes behind) and run them in more random time.
- Workload dashboard - change CPU (of host) in table to real CPU
- Fixed single value memory panel on host dashboard (missed span)
- Use SEGMENTATION=none for stats events to use less disk space (needs to me moved to indexers)

Collectord updates:

- Support hostname formatting with environment variables in configuration
- New rotated file logic uses less file descriptors and frees rotated files quicker
- Allow to specify a default sampling value for container logs
- Reimplemented shutdown sequence to stop collectord faster
- Allow to override sampling percent with annotations
- New Input: journald

Version 5.6.212
Feb. 19, 2019

5.6.212 - 2019-02-19
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.6.212 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: Alert: high CPU usage on the host.
- Fixed: Splunk usage dashboard - charts do not show the data, when the used indexed aren't searchable by default.
- New: Support Dark theme.
- New: Free text search in Logs dashboard.
- New: Add auto-refresh options to the dashboard.
- Fixed: Revisited CPU limits and requests for Pods and Containers.
- New: add CPU Max, Memory Max and Project/Namespace labels to the Review-Namespaces dashboard.
- Fixed: Show deleted events

Read more https://www.outcoldsolutions.com/docs/monitoring-openshift/release-history/

Version 5.5.202
Jan. 23, 2019

5.5.202 - 2019-01-24
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.5.202 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: Dashboard Review -> Projects. Review allocations and requests for Projects and pods.
- Fixed: openshift_stats_cpu_request_percent - is divided by the number of CPU.

Collectord updates:
- Fixed: Interval 0 in Prometheus input can crash the collectord.
- Fixed: When both glob and match are set for the application logs, the glob pattern can block the match pattern from
finding the files in the volume.

Version 5.4.201
Dec. 20, 2018

5.4.201 - 2018-12-19
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.4.201 or above (see https://www.outcoldsolutions.com for latest configuration)

- Fixed: Alerts for licenses issued with AWS Subscriptions

Collectord updates:
- Fixed: Better handling rotated files (less open fd)
- Fixed: Events input can hang in the err loop.

Version 5.4.200
Dec. 16, 2018

5.4 - 2018-12-17
--------------------------------------------------------------------------------
Requires collectorforkubernetes version 5.4 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: CoreDNS dashboard.
- New: CoreDNS alerts.
- Improved: etcd metrics representation for bucket values.
- Compatibility update for collectord 5.4.

Collectord updates:
- New: Attach EC2 metadata fields
- New: Basic Auth for Proxy (License Server and Splunk)
- Fixed: Collectord verifies reports CRI-O as unsupported runtime.
- Fixed: Rare crash on Prometheus metrics definition.
- Fixed: Better handling of acknowledgment database corruption.
- Fixed: When handling incorrect indexes, collectord can send index with an empty string, that Splunk recognize as an incorrect index

Version 5.3.190
Nov. 17, 2018

5.3 - 2018-11-19
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.3 or above (see https://www.outcoldsolutions.com for latest configuration)

- Fixed: Improved Workload dashboard. Allows to filter by namespace, see all Pods in a specific namespace, filter by workload label.
- New: Alert for showing when Collectord reports errors in Processing pipelines (as an example if it failed to extract fields).
- New: Alert for showing when Collectord reports warnings.
- Fixed: Add node labels filter to Storage Dashboard and Control Plane Dashboards.
- New: Alert if lag in the indexing of the data.
- New: Splunk Usage (License usage, number of events) report under Setup.
- Fixed: misprint in Builds dashboard.
- Fixed: adjusted high amount of errors to Kubernetes API dashboard to make it less verbose.

https://www.outcoldsolutions.com/docs/monitoring-openshift/release-history/

Version 5.2.180
Oct. 28, 2018

5.2.180 - 2018-10-28
- Fixed: lookup with alerts causing very often replication activities on SHC

5.2.179 - 2018-10-17
- Fixed: changed search time for few alerts that cause false positives with indexing lag on large installations

5.2 - 2018-10-15
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.2 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: Review/Storage dashboard based on storage metrics and PVC metrics.
- New: predefined alerts to help you monitor the health of the clusters and performance of the applications.
- Fixed: Performance improvements
...

For details https://www.outcoldsolutions.com/docs/monitoring-openshift/release-history/

Version 5.2.179
Oct. 17, 2018

5.2.179 - 2018-10-17
- Fixed: changed search time for few alerts that cause false positives with indexing lag on large installations

5.2 - 2018-10-15
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.2 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: Review/Storage dashboard based on storage metrics and PVC metrics.
- New: predefined alerts to help you monitor the health of the clusters and performance of the applications.
- Fixed: Performance improvements
...

For details https://www.outcoldsolutions.com/docs/monitoring-openshift/release-history/

Version 5.2.177
Oct. 15, 2018

5.2 - 2018-10-15
--------------------------------------------------------------------------------
Requires collectorforopenshift version 5.2 or above (see https://www.outcoldsolutions.com for latest configuration)

- New: Review/Storage dashboard based on storage metrics and PVC metrics.
- New: predefined alerts to help you monitor the health of the clusters and performance of the applications.
- Fixed: Performance improvements
...

For details https://www.outcoldsolutions.com/docs/monitoring-openshift/release-history/

Version 5.1.175
Sept. 17, 2018

- New: Network metrics (MB, Packets, Drops and Errors) for host and containers.
- New: Network socket tables (list of port that containers and hosts are listen on, connections to external resources).
- New: Network review dashboard to see the list of connection to public services and in private network.
- Improvement: Replace python-based lookup with macro written with eval.
- Improvement: Visual improvement for showing when the object was Last Seen (highlighting and showing minutes ago).
... and more

https://www.outcoldsolutions.com/docs/monitoring-openshift/release-history/

Version 5.0.174
Sept. 4, 2018

Highlights:
- Application logs
- Annotations for fields extraction, hiding sensitive information, time extraction, redirecting to /dev/null, stripping terminal colors and more

For more details:
https://www.outcoldsolutions.com/docs/monitoring-openshift/release-history/

Version 4.0.24
May 15, 2018

- New dashboard: Cluster/Audit
- New dashboard: Cluster/API Server
- New dashboard: Cluster/Controller
- New dashboard: Cluster/Kubelet
- New dashboard: Cluster/etcd
- Include image name, when list containers.
- Added syslog component to the list of host logs.
- Fixed: Include Daemon Set on Overview dashboard, list of projects.
- Fixed: Broken navigation from the list of deployments.

Version 3.0.23
Feb. 17, 2018

3.0.23 - bug fixes release

3.0.22
New overview, security and capacity dashboards. Workload aggregation dashboard.
A lot of of bug fixes and performance improvements.

Relese Notes: https://www.outcoldsolutions.com/docs/monitoring-openshift/release-history/#30-2018-02-07
Upgrade instructions: https://www.outcoldsolutions.com/docs/monitoring-openshift/upgrade-2-to-3/
Requires collectorfor openshift version 3.0 or above (see https://www.outcoldsolutions.com for latest configuration)

Version 3.0.22
Feb. 8, 2018

New overview, security and capacity dashboards. Workload aggregation dashboard.
A lot of of bug fixes and performance improvements.

Relese Notes: https://www.outcoldsolutions.com/docs/monitoring-openshift/release-history/#30-2018-02-07
Upgrade instructions: https://www.outcoldsolutions.com/docs/monitoring-openshift/upgrade-2-to-3/
Requires collectorfor openshift version 3.0 or above (see https://www.outcoldsolutions.com for latest configuration)

Version 2.1.21
Jan. 2, 2018

2.1.21 - 2018-01-02
--------------------------------------------------------------------------------
Requires collectorforopenshift version 2.1.62.171219 or above

- Updated author and description

2.1 - 2017-12-20
--------------------------------------------------------------------------------
Monitoring Openshift 2.1

Requires collectorforopenshift version 2.1.62.171219 or above

- Initial release for Monitoring OpenShift

Version 2.1.18
Dec. 22, 2017

Monitoring Openshift 2.1

Requires collectorforopenshift version 2.1.62.171219 or above

- Initial release for Monitoring OpenShift

107
Installs
1,030
Downloads
Share Subscribe LOGIN TO DOWNLOAD

Subscribe Share

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2019 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.