Upgrade from version 3 to 5
1. Upgrade application
Download version 5 from SplunkBase and upgrade it in Splunk. Or perform in-place upgrade if you have downloaded our application from the app browser in Splunk.
2. Upgrade collector
Upgrade collector in your configuration (compose file or any other way you deploy collector) to latest version
Update your configuration:
- Since version 5 we map docker root folder (
/var/lib/docker/:/rootfs/var/lib/docker/) instead of containers folder (
/var/lib/docker/containers/:/rootfs/var/lib/docker/containers/). This change allows us to auto-discover application logs.
- Since version 5 we map all host folders under
/rootfsinside the container. Verify how you map the folders, compare to our Installation instructions.
- Since version 5 the default configuration file located in
/config/collector.conf. If you used to override the configuration, please read the configuration page and update your configuration files.
Upgrade from version 5.0 to 5.1
Version 5.1 is a minor upgrade, that includes Performance improvements, Usability improvements, and capability of forwarding Network Metrics. For more details, please read Release History.
Network metrics are defined under
input.net_stats (metrics) and
input.net_socket_table (table of network connection).
If you override indexes for various types of data, make sure to update these metrics as well.
- Start monitoring your docker environments in under 10 minutes.
- Automatically forward host, container and application logs.
- Test our solution with the embedded 30 days evaluation license.
- Collector configuration reference.
- Build custom image on top collector image with embedded configuration.
- Forwarding application logs.
- Multi-line container logs.
- Fields extraction for application and container logs (including timestamp extractions).
- Hiding sensitive data, stripping terminal escape codes and colors.
Configuring Splunk Indexes
- Using not default HTTP Event Collector index.
- Configure the Splunk application to use not searchable by default indexes.
Splunk fields extraction for container logs
- Configure search-time fields extractions for container logs.
- Container logs source pattern.
Configurations for Splunk HTTP Event Collector
- Configure multiple HTTP Event Collector endpoints for Load Balancing and Fail-overs.
- Secure HTTP Event Collector endpoint.
- Configure the Proxy for HTTP Event Collector endpoint.
Collecting metrics from Prometheus format
- Configure collector to forward metrics from the services in Prometheus format.
Monitoring multiple clusters
- Learn how you can monitor multiple clusters.
- Learn how to set up ACL in Splunk.
- Release History
- Upgrade instructions
- FAQ and the common questions
- License agreement