Outcold Solutions LLC

Integrating OpenShift Web Console 4.x with Monitoring OpenShift application in Splunk

February 10, 2021

For OpenShift 3.x look at Monitoring OpenShift in Splunk: integration with Web Console

OpenShift 4.x comparing to OpenShift 3.11 looks completely different. At the first releases of OpenShift 4.x we suggested missing features, one of them was integration with Web Console. See github.com/openshift/console: Pod Log Links Extension.

In OpenShift version 4.2 we gained a feature for adding links to the external logging solutions. So you can integrate Web Console with our Monitoring Openshift application in Splunk Enterprise or Splunk Cloud.

Let's walk through some steps of what you can do for integration.

Official OpenShift documentation is available at Defining a template for an external log link.

Navigate as suggested to the Custom Resource Definition, find ConsoleExternalLogLink, at the Instances tab click on the button Create Console External Log Link

Web Console Integration

Define the YAML as in the example below (replace https://search.splunk.outcold.vmlocal:8000 with the URL of your Splunk Search Head).

Web Console Expects only https links.

apiVersion: console.openshift.io/v1
kind: ConsoleExternalLogLink
metadata:
  name: monitoring-openshift
spec:
  hrefTemplate: >-
    https://search.splunk.outcold.vmlocal:8000/en-US/app/monitoringopenshift/search?q=search%20%60macro_openshift_logs%60%20openshift_pod_id%3D%22${resourceUID}%22%20openshift_container_name%3D%22${containerName}%22%20openshift_namespace%3D%22${resourceNamespace}%22
  text: Monitoring OpenShift

After that you can go to the Pod page in the OpenShift Web Console and be able to open logs in Splunk

Web Console Integration Logs

When you click on the Monitoring OpenShift that will open a window with the logs in Monitoring OpenShift application

Web Console Integration Logs

openshift, splunk, monitoring, metrics, logs

About Outcold Solutions

Outcold Solutions provides solutions for monitoring Kubernetes, OpenShift and Docker clusters in Splunk Enterprise and Splunk Cloud. We offer certified Splunk applications, which give you insights across all containers environments. We are helping businesses reduce complexity related to logging and monitoring by providing easy-to-use and deploy solutions for Linux and Windows containers. We deliver applications, which help developers monitor their applications and operators to keep their clusters healthy. With the power of Splunk Enterprise and Splunk Cloud, we offer one solution to help you keep all the metrics and logs in one place, allowing you to quickly address complex questions on container performance.