Get data into Splunk Observability Cloud ๐
The first step toward full-stack observability using Splunk Observability Cloud is getting data from all your infrastructure, applications, and user interfaces into the following products in our suite:
Hereโs a high-level overview of your options for getting data from each layer of your stack into the Observability Cloud product best suited to provide insights about your data. This diagram also provides a recommended sequence of steps. Splunk highly recommends that you perform steps 1-8 to get the most out of Observability Cloud.
Note
The following task sequence is just a recommendation. Follow the sequence that better suits your workflow and environment.
Depending on your observability goals and environment, you can choose to perform only a subset of the steps. For example, this might be the case if you donโt use every Observability Cloud product, or if you donโt want to collect data from every eligible data source.
Per product integration recommendations ๐
If you are not yet implementing full-stack observability as described in the diagram above, and are using only one or a few products, see the table to learn which steps are recommended, optional, or not applicable (n/a) based on which environment you want to use.
You can also get data into Observability Cloud using the Splunk Distribution of OpenTelemetry collector.
Step |
Infrastructure Monitoring only |
APM only |
RUM only |
Sends logs to Log Observer? |
|---|---|---|---|---|
Recommended |
n/a |
n/a |
Yes |
|
Recommended |
Recommended |
n/a |
Yes |
|
Optional |
Optional |
n/a |
Yes |
|
Optional |
Recommended |
n/a |
Yes |
|
Optional |
Recommended |
n/a |
No |
|
6. Configure homegrown apps and serverless functions to send custom data |
n/a |
n/a |
Recommended |
No |
Recommended |
Recommended |
n/a |
No |
|
Optional |
Optional |
n/a |
Yes |
1. Integrate with cloud services to send metrics and logs ๐
If you are using cloud services for your infrastructure, the first step is to integrate these services with Observability Cloud.
This integration can send:
Metrics and metadata; such as tags, labels and properties; to Infrastructure Monitoring
Logs to Log Observer (AWS and GCP)
After youโve integrated with your cloud services, you can access your data in the following locations:
View metrics in Infrastructure Monitoring navigators
View metrics in built-in dashboards for AWS, GCP, and Azure services
Search for metrics using the Metric Finder. For the list of metrics provided by a cloud service, see:
Query logs in Log Observer, if you chose to ingest logs
To learn more about Observability Cloudโs data model, refer to Data types in Splunk Observability Cloud.
Steps ๐
To integrate with Amazon Web Services, use the method that better suits your environment:
To integrate with Google Cloud Platform services, use the method that best suits your environment:
To integrate with Microsoft Azure services, use the method that best suits your environment:
For example, you might want to use the guided setup if you are setting up just a few integrations, such as five or less. However, if you are setting up many integrations, such as for different accounts and regions, use the API or Terraform. Note that if you need all of the latest integration features, you might want to use the API because support might not yet be available using Terraform.
Troubleshooting ๐
For help with an Amazon Web Services integration, see Troubleshoot your AWS connection.
For help with other questions, contact Splunk Observability Cloud support.
2. Configure servers and clusters to send metrics and logs ๐
Install the Splunk Distribution of OpenTelemetry Collector on any servers (hosts) or in any clusters you are using as a part of your infrastructure. For example, this might mean installing the Splunk Distribution of OpenTelemetry Collector on servers running in your data center or on a virtual machine running in the cloud.
The Splunk Distribution of OpenTelemetry Collector:
Can send metrics to Infrastructure Monitoring
Can send logs to Log Observer
Prepares your environment to receive logs and traces from applications instrumented in step 4. Instrument homegrown applications to send traces, logs, and metrics
After youโve installed the Splunk Distribution of OpenTelemetry Collector and configured your servers and clusters, you can access your data in the following locations:
View metrics in Infrastructure Monitoring navigators
View metrics in built-in dashboards for hosts and Kubernetes
Search for metrics using Metric Finder
Query logs in Log Observer, if you chose to ingest logs
Steps ๐
To configure Windows servers, install the Splunk Distribution of OpenTelemetry Collector using the method that best suits your environment:
To configure Linux servers, install the Splunk Distribution of OpenTelemetry Collector using the method that best suits your environment:
To configure Kubernetes clusters, install the Splunk Distribution of OpenTelemetry Collector using the method that best suits your environment:
One of the benefits of using the Splunk Distribution of OpenTelemetry Collector to send your data to Observability Cloud is that Related Content, a feature that activates users to seamlessly move between key views in Observability Cloud, is easier to implement. For more information, see Related Content in Splunk Observability Cloud.
Troubleshooting ๐
For help with the Splunk Distribution of OpenTelemetry Collector installation, see Troubleshoot the Collector.
For help with other questions, contact Splunk Observability Cloud support.
3. Configure third-party server applications to send metrics, logs, and traces ๐
After youโve completed step 2. Configure servers and clusters to send metrics and logs, in which you installed the Splunk Distribution of OpenTelemetry Collector on your servers (hosts) or in your clusters, you can now configure the Splunk Distribution of OpenTelemetry Collector receivers for any of these third-party applications running on your servers or in your clusters.
For example, these receivers can send data from applications; such as Apache, Cassandra, Hadoop, Kafka, and NGINX; that are running on your servers and in your clusters.
This integration can send:
Metrics to Infrastructure Monitoring
Logs to Log Observer
Traces to APM (SignalFx Forwarder only)
After youโve configured the Splunk Distribution of OpenTelemetry Collector receivers for your desired server applications, you can access your data in the following locations:
View metrics using any built-in dashboards available for your server applications. For example, here is the built-in Kafka dashboard:
For more information about dashboards, see View dashboards in Splunk Observability Cloud.
Search for metrics using Metric Finder. For the list of metrics provided by an application receiver, see the documentation for the application receiver.
Query logs in Log Observer, if you chose to ingest logs
For SignalFx Forwarder only, you can:
View traces on the APM landing page to assess the health of your applications
View traces in the APM Explorer view to assess dependencies among your applications
Steps ๐
For information about available server application receivers and how to configure them, see Available host and application monitors.
Troubleshooting ๐
For help with the Splunk Distribution of OpenTelemetry Collector application receiver configuration, see Troubleshoot the Collector.
For help with other questions, contact Splunk Observability Cloud support.
4. Instrument homegrown applications to send traces, logs, and metrics ๐
You can choose to instrument your homegrown applications that youโve developed in-house to send data to Observability Cloud.
This integration can send:
Traces to APM
Logs (events) to Log Observer
Metrics to Infrastructure Monitoring (Java only)
After youโve instrumented your application, you can access your data in the following locations:
View traces on the APM landing page to assess the health of your applications
View traces in the APM Explorer view to assess dependencies among your applications
For a Java application, you can search for metrics using Metric Finder
Query logs in Log Observer, if you chose to ingest logs
Steps ๐
See the instrumentation documentation for your application language:
One of the benefits of using the Splunk Distribution of OpenTelemetry Collector to send your data to Observability Cloud is that Related Content, a feature that activates users to seamlessly move between key views in Observability Cloud, is much easier to implement. For more information, see Related Content in Splunk Observability Cloud.
Troubleshooting ๐
For help with application instrumentation, see Troubleshoot your instrumentation.
For help with other questions, contact Splunk Observability Cloud support.
5. Instrument serverless functions to send traces and metrics ๐
You can choose to instrument your serverless functions.
Note: This step is about bringing in built-in metrics and traces. Once you have a chance to familiarize yourself with your data coming in, you can use this same instrumentation to bring in custom data. For more information, see step 7. Configure homegrown applications and serverless functions to send custom data.
This integration can send:
Traces to APM
Metrics to Infrastructure Monitoring
After youโve instrumented your serverless functions, you can access your data in the following locations:
View traces on the APM landing page to assess the health of your applications
View traces in the APM Explorer view to assess dependencies among your applications
View metrics in the Infrastructure Monitoring Lambda Functions navigator
For more information, see Monitor AWS services and identify problems.
View metrics in built-in dashboards for AWS Lambda
Search for metrics using Metric Finder
Steps ๐
To instrument your AWS Lambda serverless functions, see Instrument serverless functions for Splunk Observability Cloud.
Troubleshooting ๐
For help with instrumenting your AWS Lambda serverless functions, see Troubleshoot the Splunk OpenTelemetry Lambda Layer.
For help with other questions, contact Splunk Observability Cloud support.
6. Instrument user interfaces to send user sessions ๐
You can choose to instrument browser and mobile user interfaces to monitor front-end application user experiences.
This integration sends user sessions to RUM.
After youโve instrumented your user interfaces, you can use RUM to start reviewing key metrics and vitals, as well as investigate errors in your spans:
Steps ๐
To instrument web browsers to send user session data, see Instrument browser-based web applications for Splunk RUM.
To instrument an iOS application to send user session data, see Instrument iOS applications for Splunk RUM.
To instrument an Android application to send user session data, see Instrument Android applications for Splunk RUM.
Troubleshooting ๐
For help with instrumenting user interfaces, contact Splunk Observability Cloud support.
7. Configure homegrown applications and serverless functions to send custom data ๐
Now that you have built-in data from your full stack flowing into Observability Cloud, assess whether there are custom data points you need to bring in. You can configure applications to send custom metrics and instrument serverless functions to send custom traces.
For many teams, some of the most meaningful data is custom data because you can define these data points to focus on what is most important to you in your specific environment.
For example, if you run an e-commerce site, you might configure your application to send a custom metric about the number of orders placed. You can then create a detector to receive an alert when the number of orders drops significantly. You might also configure your application to send a custom metric about how long payment processing takes. You can then create a detector to issue alerts when the processing time exceeds a threshold.
This integration can send:
Custom metrics to Infrastructure Monitoring
Custom traces to APM
After youโve configured your homegrown applications and instrumented your serverless functions to send custom metrics and traces, you can access your data in the following locations:
View traces on the APM landing page to assess the health of your applications
View traces in the APM Explorer view to assess dependencies among your applications
Search for metrics using Metric Finder
Configuration steps for homegrown applications ๐
Use the library for your application language:
Go client library for SignalFx on GitHub
For Java, use one of these available integrations:
Node.js client library for SignalFx on GitHub
Python client library for SignalFx on GitHub
Ruby client library for SignalFx on GitHub
Instrument serverless functions ๐
To instrument your AWS Lambda serverless functions, see Instrument serverless functions for Splunk Observability Cloud.
Troubleshooting ๐
For help with configuring homegrown applications to send custom data to Observability Cloud, file an issue in the associated client library GitHub repo.
For help with instrumenting your AWS Lambda serverless functions, see Troubleshoot the Splunk OpenTelemetry Lambda Layer.
For help with other questions, contact Splunk Observability Cloud support.
8. Use the Observability Cloud API to send custom data ๐
Now that you have built-in data from your full stack flowing into Observability Cloud, assess whether there are custom data points you need to bring in. You can use the Observability Cloud API to bring in custom data.
You might want to use the API if you want to integrate with:
A third-party tool that provides an API/webhook integration only.
An application written in a language we donโt provide a library for.
This API integration can send all types of data to Observability Cloud. While you can use the API to send logs to Log Observer, we recommend using other integration types to do so. For details about which integrations can send logs to Log Observer, see Per product integration recommendations.
After youโve configured your integration to send custom data, you can access your data in the following locations:
View traces on the APM landing page to assess the health of your applications
View traces in the APM Explorer view to assess dependencies among your applications
Search for metrics using Metric Finder
Query logs using Log Observer, if you chose to ingest logs.
Steps ๐
For information about using the Observability Cloud API to send custom data, see Send metrics, traces, and events using Observability Cloud REST APIs.
Troubleshooting ๐
For help with using the Observability Cloud API to send custom data, contact Splunk Observability Cloud support.
Next steps ๐
Once you have your desired full stack of data coming into Observability Cloud, consider exploring the following features that can help you monitor, visualize, and coordinate team work around your data:
Create detectors to receive alerts about conditions in your data that are important you.
Create charts to visualize your data.
Use Related Content to jump between components of Splunk Observability Cloud by clicking related data.
Create and customize dashboards to organize and share your charts.
Create and manage teams in Splunk Observability Cloud to coordinate team work around your data.
Check system critical metrics, access real-time alerts, and view mobile-friendly dashboards on the go using the Observability Cloud mobile app.
Learn more about what you can do with metrics.
- Learn more about each product in the Observability Cloud suite: