Outcold Solutions - Monitoring Kubernetes, OpenShift and Docker in Splunk

Monitoring Docker, OpenShift and Kubernetes - Version 5.15

This release includes a lot of minor improvements for stability and usability and several new features. We will highlight just a few of them. For the full list, please go to the release notes (links below this page).

Whitelists and blacklists for Prometheus metrics

With the new feature allowing you to define whitelists and blacklists for metrics exported in Prometheus format, you can significantly reduce the number of metrics forwarded to Splunk. This allows you to reduce indexing cost, reduce storage, and improve overall performance. We have updated our configuration files to include only metrics that we use in our dashboards for the endpoints that we monitor out of the box.

If you are forwarding metrics using annotations, you can also define a regexp pattern as a whitelist or blacklist to include only metrics that you are interested in.

New annotations for Collectord

Now you can configure any custom fields that you want to be forwarded with your events in Splunk. You can configure these annotations as collectord.io/userfields.team=team-a to forward all events from a specific namespace or pod with the pre-indexed field team and value team-a. You can configure these fields only for logs as collectord.io/logs-userfields.team=team-a.

Support for Kubernetes 1.18+ and OpenShift 4.5+

A lot of metrics have been deprecated with Kubernetes 1.18 (see github.com/kubernetes/kubernetes/pull/76496). We have updated our dashboards to support new metrics and to be able to use old metrics as well.

OpenShift 4.4 is built on top of Kubernetes 1.17, and we are guessing that 4.5 will be built on top of Kubernetes 1.18.

Old versions of deployment configs for Kubernetes and OpenShift are published on GitHub

You can find all versions of deployments starting from 5.0 in our GitHub repository github.com/outcoldsolutions/collectord-configurations. That way you can track all the changes and be able to use old configurations if you need them.

You can find more information about other minor updates by following the links below.

Release notes

Upgrade instructions

Installation instructions

About Outcold Solutions

Outcold Solutions provides solutions for monitoring Kubernetes, OpenShift and Docker clusters in Splunk Enterprise and Splunk Cloud. We offer certified Splunk applications, which give you insights across all container environments. We are helping businesses reduce complexity related to logging and monitoring by providing easy-to-use and easy-to-deploy solutions for Linux and Windows containers. We deliver applications, which help developers monitor their applications and help operators keep their clusters healthy. With the power of Splunk Enterprise and Splunk Cloud, we offer one solution to help you keep all the metrics and logs in one place, allowing you to quickly address complex questions on container performance.