Docs » Get started with the Splunk Distribution of OpenTelemetry Collector » Install the Collector » Install the Collector for Windows

Install the Collector for Windows ๐Ÿ”—

The Splunk Distribution of OpenTelemetry Collector for Windows is a package that provides integrated collection and forwarding for all data types. Install the package using one of these methods:

Prerequisites ๐Ÿ”—

The Splunk Distribution of OpenTelemetry Collector for Windows has the following requirements depending on the install method:

Install method

Supported versions (64-bit)

Installer script

Windows 2012, 2016, 2019, 2022

Windows installer (MSI)

Windows 2012, 2016, 2019, 2022

Ansible

Windows 2012, 2016, 2019, 2022

Chef

Windows 2019, 2022

Nomad

Windows 2012, 2016, 2019

Puppet

Windows 2012, 2016, 2019

Docker

Windows 2019, 2022

Installer script ๐Ÿ”—

The installer script is available for Windows 64-bit environments. The script deploys and configures these things:

  • Splunk Distribution of OpenTelemetry Collector for Windows

  • Fluentd (using the td-agent)

Do the following to install the package using the installer script:

  1. Ensure that you have Administrator access on your host.

  2. Run the following PowerShell command on your host, replacing the following variables for your environment:

& {Set-ExecutionPolicy Bypass -Scope Process -Force; $script = ((New-Object System.Net.WebClient).DownloadString('https://dl.signalfx.com/splunk-otel-collector.ps1')); $params = @{access_token = "SPLUNK_ACCESS_TOKEN"; realm = "SPLUNK_REALM"}; Invoke-Command -ScriptBlock ([scriptblock]::Create(". {$script} $(&{$args} @params)"))}

Configure memory allocation ๐Ÿ”—

To configure memory allocation, use the memory parameter. By default, this parameter is set to 512 MiB, or 500 x 2^20 bytes, of memory. Increase this setting to allocate more memory, as shown in the following example.

& {Set-ExecutionPolicy Bypass -Scope Process -Force; $script = ((New-Object System.Net.WebClient).DownloadString('https://dl.signalfx.com/splunk-otel-collector.ps1')); $params = @{access_token = "SPLUNK_ACCESS_TOKEN"; realm = "SPLUNK_REALM"; memory = "SPLUNK_MEMORY_TOTAL_MIB"}; Invoke-Command -ScriptBlock ([scriptblock]::Create(". {$script} $(&{$args} @params)"))}

Replace SPLUNK_MEMORY_TOTAL_MIB with the desired integer value.

Configure Fluentd ๐Ÿ”—

By default, the Fluentd service is installed and configured to forward log events with the @SPLUNK label and send these events to the HEC ingest endpoint determined by the --realm <SPLUNK_REALM> option. For example, https://ingest.<SPLUNK_REALM>.signalfx.com/v1/log.

To configure the package to send log events to a custom HEC endpoint URL, you can specify the following parameters for the installer script:

  • hec-url = "<URL>"

  • hec-token = "<TOKEN>"

The main Fluentd configuration file is installed to <drive>\opt\td-agent\etc\td-agent\td-agent.conf, where <drive> is the driver where Fluentd is installed. Custom Fluentd source configuration files can be added to the <drive>\opt\td-agent\etc\td-agent\conf.d directory after installation.

Note the following:

  • In this directory, all files with the .conf extension are automatically included by Fluentd.

  • By default, Fluentd is configured to collect from the Windows Event Log. See <drive>\opt\td-agent\etc\td-agent\conf.d\eventlog.conf for the default configuration.

After any configuration modification, apply the changes by restarting the system or running the following PowerShell commands:

Stop-Service fluentdwinsvc
Start-Service fluentdwinsvc

Deployments ๐Ÿ”—

Splunk offers the configuration management options described in this section.

Ansible ๐Ÿ”—

Splunk provides an Ansible role that installs the package configured to collect data (metrics, traces, and logs) from Windows machines and send that data to Observability Cloud. See Ansible for Windows for the instructions to download and customize the role.

Chef ๐Ÿ”—

Splunk provides a cookbook to install the Collector using Chef. See Chef for the installation instructions.

Nomad ๐Ÿ”—

Use Nomad to deploy the Collector. See Nomad for the installation instructions.

Puppet ๐Ÿ”—

Splunk provides a Puppet module to install and configure the package. A module is a collection of resources, classes, files, definition, and templates. See Puppet for Windows for the instructions to download and customize the module.

Manual ๐Ÿ”—

Splunk offers the manual configuration options described in this section.

Docker ๐Ÿ”—

Run the following command to deploy the latest Docker image:

$ docker run --rm -e SPLUNK_ACCESS_TOKEN=12345 -e SPLUNK_REALM=us0  `
               -p 13133:13133 -p 14250:14250 -p 14268:14268 -p 4317:4317 -p 6060:6060  `
               -p 8888:8888 -p 9080:9080 -p 9411:9411 -p 9943:9943 `
               --name=otelcol quay.io/signalfx/splunk-otel-collector-windows:latest
          # Use a semantic versioning (semver) tag instead of the ``latest`` tag.
          # Semantic versioning is a formal convention for determining the version
          # number of new software releases.

More information regarding the docker run command options:

  • --rm automatically removes the container when it exits.

  • -e sets simple (non-array) environment variables in the container youโ€™re running, or overwrite variables that are defined in the Dockerfile of the image youโ€™re running.

  • -p publishes a containerโ€™s port(s) to the host.

PowerShell terminal ๐Ÿ”—

Do the following to install the package from a PowerShell terminal:

  1. Download the Windows MSI package (64-bit only) from GitHub releases.

  2. Run the following command in a PowerShell terminal. Replace PATH_TO_MSI with the full path to the downloaded package. For example, C:\your\download\folder\splunk-otel-collector-0.4.0-amd64.msi:

    PS> Start-Process -Wait msiexec "/i PATH_TO_MSI /qn"
    
  3. Update all variables in the configuration file as appropriate. See the next section for the steps to do this.

  4. Start the splunk-otel-collector service by rebooting the system or running the following command in a PowerShell terminal:

    PS> Start-Service splunk-otel-collector
    

The package is installed to \Program Files\Splunk\OpenTelemetry Collector, and the splunk-otel-collector service is created, but not started. A default configuration file is copied to \ProgramData\Splunk\OpenTelemetry Collector\agent_config.yaml, if it does not already exist. This file is required to start the splunk-otel-collector service.

Note

The ProgramData folder is hidden by default on Windows.

Windows Installer ๐Ÿ”—

Do the following to install the package using the Windows Installer:

  1. Download the Windows MSI package (64-bit only) from GitHub releases.

  2. Double click the downloaded package and follow the instructions in the wizard.

The package is installed to \Program Files\Splunk\OpenTelemetry Collector, and the splunk-otel-collector service is created, but not started. A default configuration file is copied to \ProgramData\Splunk\OpenTelemetry Collector\agent_config.yaml, if it does not already exist. This file is required to start the splunk-otel-collector service.

More options ๐Ÿ”—

Once you have installed the package, you can perform these actions: