Integrating OpenShift Web Console 4.x with Monitoring OpenShift application in Splunk
For OpenShift 3.x look at Monitoring OpenShift in Splunk: integration with Web Console
Compared to OpenShift 3.11, OpenShift 4.x looks completely different. In the first releases of OpenShift 4.x we suggested missing features, one of them was integration with the Web Console. See github.com/openshift/console: Pod Log Links Extension.
In OpenShift version 4.2 we gained a feature for adding links to external logging solutions. So you can integrate the Web Console with our Monitoring OpenShift application in Splunk Enterprise or Splunk Cloud.
Let’s walk through the steps for integration.
Official OpenShift documentation is available at Defining a template for an external log link.
Navigate as suggested to the Custom Resource Definition, find ConsoleExternalLogLink. At the Instances tab, click on
the button Create Console External Log Link
Define the YAML as in the example below (replace https://search.splunk.outcold.vmlocal:8000 with the URL of your Splunk
Search Head).
Web Console Expects only
httpslinks.
apiVersion: console.openshift.io/v1
kind: ConsoleExternalLogLink
metadata:
name: monitoring-openshift
spec:
hrefTemplate: >-
https://search.splunk.outcold.vmlocal:8000/en-US/app/monitoringopenshift/search?q=search%20%60macro_openshift_logs%60%20openshift_pod_id%3D%22${resourceUID}%22%20openshift_container_name%3D%22${containerName}%22%20openshift_namespace%3D%22${resourceNamespace}%22
text: Monitoring OpenShift
After that, you can go to the Pod page in the OpenShift Web Console and open logs in Splunk
When you click on Monitoring OpenShift, that will open a window with the logs in the Monitoring OpenShift application
