Install the Collector for Windows with the installer script π
The Splunk Distribution of OpenTelemetry Collector for Windows is a package that provides integrated collection and forwarding for all data types. Install the package using one of these methods:
Alternatively, you can manually install the Collector. To learn how, see Install the Collector for Windows manually.
Prerequisites π
The Splunk Distribution of OpenTelemetry Collector for Windows has the following requirements depending on the installation method:
Install method |
Supported versions (64-bit) |
|---|---|
Installer script |
Windows 2012, 2016, 2019, 2022 |
Windows installer (MSI) |
Windows 2012, 2016, 2019, 2022 |
Ansible |
Windows 2012, 2016, 2019, 2022 |
Chef |
Windows 2019, 2022 |
Nomad |
Windows 2012, 2016, 2019 |
Puppet |
Windows 2012, 2016, 2019 |
Docker |
Windows 2019, 2022 |
Installer script π
The installer script is available for Windows 64-bit environments, and deploys and configures the Splunk Distribution of OpenTelemetry Collector for Windows and Fluentd (using the td-agent).
To install the package using the installer script, follow these steps:
Ensure that you have Administrator access on your host.
Run the following PowerShell command on your host, replacing the following variables for your environment:
SPLUNK_REALM: This is the realm to send data to. The default isus0. See realms.SPLUNK_ACCESS_TOKEN: This is the base64-encoded access token for authenticating data ingest requests. See Create and manage organization access tokens using Splunk Observability Cloud.
& {Set-ExecutionPolicy Bypass -Scope Process -Force; $script = ((New-Object System.Net.WebClient).DownloadString('https://dl.signalfx.com/splunk-otel-collector.ps1')); $params = @{access_token = "SPLUNK_ACCESS_TOKEN"; realm = "SPLUNK_REALM"}; Invoke-Command -ScriptBlock ([scriptblock]::Create(". {$script} $(&{$args} @params)"))}
Note
If needed, activate TLS in PowerShell using the following command:
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
Configure memory allocation π
To configure memory allocation, use the memory parameter.
By default, the Collector is configured to use 512 MB (500 x 2^20 bytes) of memory. To increase this setting to allocate more memory, replace SPLUNK_MEMORY_TOTAL_MIB with the desired integer value.
& {Set-ExecutionPolicy Bypass -Scope Process -Force; $script = ((New-Object System.Net.WebClient).DownloadString('https://dl.signalfx.com/splunk-otel-collector.ps1')); $params = @{access_token = "SPLUNK_ACCESS_TOKEN"; realm = "SPLUNK_REALM"; memory = "SPLUNK_MEMORY_TOTAL_MIB"}; Invoke-Command -ScriptBlock ([scriptblock]::Create(". {$script} $(&{$args} @params)"))}
Read more about Collector sizing in Sizing and scaling.
Configure proxy settings π
If you need to use a proxy, set one of the following environment variables according to your needs:
HTTP_PROXY: Address of the proxy for HTTP request. Port is optional.HTTPS_PROXY: Address of the proxy for HTTPS request. Port is optional.NO_PROXY: If you use a proxy, sets addresses that donβt use the proxy.
Restart the Collector after adding these environment variables to your configuration.
Note
For more information on proxy settings, see Configure proxy settings.
Configure fluentd for log collection π
By default, the installation configures the fluentd service to forward log events with the @SPLUNK label and
send these events to the HEC ingest endpoint determined by the realm = "<SPLUNK_REALM>" option.
For example, https://ingest.<SPLUNK_REALM>.signalfx.com/v1/log.
To configure the package to send log events to a custom HTTP Event Collector (HEC) endpoint URL with a token different than <SPLUNK_ACCESS_TOKEN>, you can specify the following parameters for the installer script:
hec_url = "<SPLUNK_HEC_URL>"hec_token = "<SPLUNK_HEC_TOKEN>"
For example (replace the <SPLUNK...> values in the command for your configuration):
& {Set-ExecutionPolicy Bypass -Scope Process -Force; $script = ((New-Object System.Net.WebClient).DownloadString('https://dl.signalfx.com/splunk-otel-collector.ps1')); $params = @{access_token = "<SPLUNK_ACCESS_TOKEN>"; realm = "<SPLUNK_REALM>"; hec_url = "<SPLUNK_HEC_URL>"; hec_token = "<SPLUNK_HEC_TOKEN>"}; Invoke-Command -ScriptBlock ([scriptblock]::Create(". {$script} $(&{$args} @params)"))}
The installation creates the main fluentd configuration file <drive>\opt\td-agent\etc\td-agent\td-agent.conf, where <drive> is the drive letter for the fluentd installation directory.
You can add custom fluentd source configuration files to the <drive>\opt\td-agent\etc\td-agent\conf.d
directory after installation.
Note the following:
In this directory, fluentd includes all files with the .conf extension.
By default, fluentd collects from the Windows Event Log. See
<drive>\opt\td-agent\etc\td-agent\conf.d\eventlog.conffor the default configuration.
After any configuration modification, apply the changes by restarting the system or running the following PowerShell commands:
Stop-Service fluentdwinsvc
Start-Service fluentdwinsvc
Start the Collector executable manually π
If you experience unexpected start failures, try to start the Collector executable manually.
To do so, run the following PowerShell command as an Admin:
& 'C:\Program Files\Splunk\OpenTelemetry Collector\otelcol.exe' --config 'C:\ProgramData\Splunk\OpenTelemetry Collector\agent_config.yaml'
Deployments π
Splunk offers the configuration management options described in this section.
Ansible π
Splunk provides an Ansible role that installs the package configured to collect data (metrics, traces, and logs) from Windows machines and send that data to Observability Cloud. See Ansible for Windows for the instructions to download and customize the role.
Chef π
Splunk provides a cookbook to install the Collector using Chef. See Chef for the installation instructions.
Nomad π
Use Nomad to deploy the Collector. To learn how to install Nomad, see Nomad.
Puppet π
Splunk provides a Puppet module to install and configure the package. A module is a collection of resources, classes, files, definition, and templates. To learn how to download and customize the module, see Puppet for Windows.
Next steps π
Once you have installed the package, you can perform these actions:
View logs and errors in the Windows Event Viewer. Search for βview logs and errorsβ on Microsoft documentation site for more information.