-
Epic
-
Resolution: Done
-
Major
-
None
-
Splunk Logforwarding
-
False
-
None
-
False
-
Not Selected
-
NEW
-
To Do
-
Impediment
-
VERIFIED
-
0% To Do, 0% In Progress, 100% Done
Goals
- Provide a new output option to forward logs to Splunk via splunks HTTP collector.
Non-Goals
Motivation
Usually, we recommend to use Splunk Connect for Kubernetes but some customers have requirements to send logs to multiple, different systems including Splunk. For these use cases, they'd like to avoid deploying multiple different "Agents" and want to use our supported solution instead.
Alternatives
For forwarding logs only to Splunk, users should use Splunk Connect for Kubernetes.
Acceptance Criteria
- Verify ClusterLogForwarder defines API for forwarding to splunk
- Verify collector deployments of Vector deliver logs to a spec'd splunk service
- Verify normalized messages adhere to the viaq data model ??
Risk and Assumptions
- Risk Splunk may require alternate normalization; this may be no more challenging then syslog
Documentation Considerations
- Update matrix of supported output types with the version against which we tested
- Updated API reference documentation
Open Questions
- How can we test either a functional or integration test?
- Are there mocking services we can use similar to Cloudwatch
- What credentials are required to authenticate with the service.
Additional Notes
- blocks
-
OBSDA-85 Support Splunk as output for ClusterLogForwarder
-
- Closed
-
- is documented by
-
RHDEVDOCS-4427 Logforwarding to Splunk
-
- Closed
-
- is related to
-
-
- Closed
-
- links to
- mentioned on
(4 links to, 2 mentioned on)
1.
|
Docs Tracker |
|
Closed | 
|
Libby Anderson |
2.
|
QE Tracker |
|
Closed |
|
Anping Li |
3.
|
TE Tracker |
|
Closed |
|
Senthamilarasu S |
