Splunk® Supported Add-ons

Splunk Add-on for Kubernetes (Open-sourced)

Source types for the Splunk Add-on for Kubernetes

The Splunk Add-on for Kubernetes provides the following source types by default. Source types and the extent to which you can configure them depend on the sources configured in Splunk Connect for Kubernetes.

Data source Collection method Source type
Kubernetes system component logs HEC (through Splunk Connect for Kubernetes) kube:*
Kubernetes container logs HEC (through Splunk Connect for Kubernetes) kube:container:*
Kubernetes objects collected using pull HEC (through Splunk Connect for Kubernetes) kube:objects:*
Kubernetes objects collected using watch HEC (through Splunk Connect for Kubernetes) kube:objects:*:watch
Fluentd plugin monitoring logs HEC (through Splunk Connect for Kubernetes) fluentd:monitor-agent
Heapster container logs HEC (through Splunk Connect for Kubernetes) kube:container:splunk-heapster
Fluentd container logs HEC (through Splunk Connect for Kubernetes) kube:container:splunk-fluentd*
Last modified on 21 July, 2021
About the Splunk Add-on for Kubernetes   Release notes for the Splunk Add-on for Kubernetes

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters