Splunk® IT Service Intelligence

Entity Integrations Manual

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

About the Splunk Infrastructure Monitoring entity integration in ITSI

The (ITSI) entity integration with Splunk Infrastructure Monitoring lets you use ITSI monitoring tools to investigate and troubleshoot your AWS, Azure, and GCP instances from Splunk Infrastructure Monitoring. The integration leverages the Splunk Infrastructure Monitoring Add-on, which runs on the search head cluster and provides generating search commands that fetch metrics and event data from your Splunk Infrastructure Monitoring account. For setup instructions, see Integrate Splunk Infrastructure Monitoring with ITSI.

This diagram illustrates how the Splunk Infrastructure Monitoring Add-on brings data into Splunk. The Splunk Infrastructure Monitoring Add-on is on the search head and sends a SignalFlow API query to Splunk Infrastructure Monitoring in the cloud. Splunk Infrastructure Monitoring contains GCP, Azure, and AWS integrations. The API sends back a streaming response with metrics. The Content Pack for Splunk Infrastructure Monitoring fetches these metrics and uses them to create entities, KPIs, and services. The content pack contains visualizations to help monitor your Splunk Infrastructure Monitoring environment.

Fetch data with the Splunk Infrastructure Monitoring Add-on

The Splunk Infrastructure Monitoring Add-on brings metrics and event data from Splunk Infrastructure Monitoring into ITSI on-demand. The return data bypasses Splunk indexes and directly streams into the Splunk interface. You can further manipulate the Splunk Infrastructure Monitoring data using Splunk Search Processing Language (SPL) to fit your specific use case. ITSI takes the data and populates the ITSI summary index with the appropriate metrics and events. For more information, see Introduction to Splunk Infrastructure Monitoring.

Add structure to your data with the Content Pack for Splunk Infrastructure Monitoring

When you install the Content Pack for Splunk Infrastructure Monitoring, ITSI entity discovery searches use the Splunk Infrastructure Monitoring Add-on to identify AWS, Azure, and GCP integration instances in your organization. The searches bring your cloud instances into ITSI in the form of entities and associate them with entity types. Each Splunk Infrastructure Monitoring entity contains a navigation link in the entity health dashboard leading back to the corresponding instance within Splunk Infrastructure Monitoring. The content pack automatically creates ITSI services corresponding to each integration type, which include KPIs to monitor critical functions.

Once you configure the Splunk Infrastructure Monitoring integration, use the service topology tree included in the content pack to monitor multiple cloud integrations all in one place. The following image shows the populated service topology tree:

This image shows the final Splunk Infrastructure Monitoring service topology tree. Each service is green. The Azure Functions service is selected and the side bar shows the individual KPIs within the service.
Last modified on 28 August, 2023
PREVIOUS
Troubleshoot the VMware vSphere entity integration in ITSI
  NEXT
Splunk Infrastructure Monitoring integration requirements for ITSI

This documentation applies to the following versions of Splunk® IT Service Intelligence: 4.11.0, 4.11.1, 4.11.2, 4.11.3, 4.11.4, 4.11.5, 4.11.6, 4.12.0 Cloud only, 4.12.1 Cloud only, 4.12.2 Cloud only, 4.13.0, 4.13.1, 4.13.2, 4.13.3, 4.14.0 Cloud only, 4.14.1 Cloud only, 4.14.2 Cloud only, 4.15.0, 4.15.1, 4.15.2, 4.15.3, 4.16.0 Cloud only, 4.17.0, 4.17.1, 4.18.0, 4.18.1


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters