Splunk Cloud Platform

Getting Data In

Overview of the Splunk OpenTelemetry Collector for Kubernetes

The Splunk OpenTelemetry Collector for Kubernetes is a Helm chart and validated architecture for the Splunk Distribution of OpenTelemetry Collector. The Splunk OpenTelemetry Collector for Kubernetes collects Kubernetes data including logs, metrics, and traces. It is a remote collector that runs within Kubernetes, but sends data to the Splunk platform.

Use the Splunk OpenTelemetry Collector for Kubernetes to send Kubernetes data to destinations including Splunk Cloud Platform, Splunk Enterprise, and Splunk Observability Cloud. You can build and manipulate Kubernetes pipelines, set source types and route to Splunk indexes, or mask and filter logs you want to monitor. The Splunk OpenTelemetry Collector for Kubernetes also offers advanced trace collection and support for multiline logs.

The Splunk OpenTelemetry Collector for Kubernetes is built on OpenTelemetry open standards and extends functionality of the Splunk Connect for Kubernetes. The following list highlights some benefits of the extended functionalities:

To install and configure the Splunk OpenTelemetry Collector for Kubernetes, see https://github.com/signalfx/splunk-otel-collector-chart. For more information about the Helm chart, see Splunk OpenTelemetry Collector for Kubernetes in the Splunk Validated Architectures manual.

Splunk Connect for Kubernetes will no longer be supported as of January 1, 2024. If you already use Splunk Connect for Kubernetes, see https://github.com/signalfx/splunk-otel-collector-chart/blob/main/docs/migration-from-sck.md#migration-from-splunk-connect-for-kubernetes to migrate to the Splunk OpenTelemetry Collector for Kubernetes.

To learn more about the Splunk Distribution of OpenTelemetry Collector, see Get started with the Splunk OpenTelemetry Collector in the Splunk Observability documentation.

Last modified on 21 December, 2023
Forward data with the logd input   Overview of event processing

This documentation applies to the following versions of Splunk Cloud Platform: 9.2.2403, 9.1.2308 (latest FedRAMP release), 9.1.2312, 9.0.2305


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters