Docs » Get started with the Splunk Distribution of the OpenTelemetry Collector » Get started with the Collector for Windows » Install the Collector for Windows with the installer script

Install the Collector for Windows with the installer script πŸ”—

The Splunk Distribution of the OpenTelemetry Collector for Windows is a package that provides integrated collection and forwarding for all data types. Read on to see how to install it using the installer script.

Note

The Splunk Distribution of the OpenTelemetry Collector comes with a default configuration, as detailed in Collector for Windows default configuration. To modify this configuration, refer to Advanced configuration for Windows.

To learn how to obtain logs, see Collect logs for the Collector for Windows.

Alternatively, you can also install the Collector for Windows:

Prerequisites πŸ”—

The Collector supports the following Windows versions, depending on the installation method:

Install method

Supported versions (64-bit)

Installer script

Windows 10 Pro and Home, Windows Server 2016, 2019, 2022

Windows installer (MSI)

Windows 10 Pro and Home, Windows Server 2016, 2019, 2022

Ansible

Windows 10 Pro and Home, Windows Server 2016, 2019, 2022

Chef

Windows 10 Pro and Home, Windows Server 2019, 2022

Nomad

Windows 10 Pro and Home, Windows Server 2016, 2019

Puppet

Windows 10 Pro and Home, Windows Server 2016, 2019

Docker

Windows 10 Pro and Home, Windows Server 2019, 2022

Note

PowerShell 3.0 or higher is required.

Included packages πŸ”—

The Windows installer script installs the following packages:

Install the Collector for Windows using the installer script πŸ”—

The installer script is available for Windows 64-bit environments, and deploys and configures:

  • The Splunk Distribution of the OpenTelemetry Collector for Windows

  • Fluentd through the td-agent, which is deactivated by default

To install the package using the installer script, follow these steps:

  1. Ensure that you have Administrator access on your host.

  2. Run the following PowerShell command on your host, replacing the following variables for your environment:

& {Set-ExecutionPolicy Bypass -Scope Process -Force; $script = ((New-Object System.Net.WebClient).DownloadString('https://dl.signalfx.com/splunk-otel-collector.ps1')); $params = @{access_token = "SPLUNK_ACCESS_TOKEN"; realm = "SPLUNK_REALM"}; Invoke-Command -ScriptBlock ([scriptblock]::Create(". {$script} $(&{$args} @params)"))}

If you need to activate TLS in PowerShell, use the command:

[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12

Caution

Starting from version 0.89, the installer for the Splunk Distribution of the OpenTelemetry Collector for Windows sets its configuration using environment variables at service level instead of global level. To configure additional settings use service, process, or terminal scopes.

Start the Collector executable manually πŸ”—

If you experience unexpected start failures, try to start the Collector executable manually.

To do so, run the following PowerShell command as an Admin:

& 'C:\Program Files\Splunk\OpenTelemetry Collector\otelcol.exe' --config 'C:\ProgramData\Splunk\OpenTelemetry Collector\agent_config.yaml'

Options of the installer script for Windows πŸ”—

The Windows installer script supports the following options:

Option

Description

Default value

access_token

The token used to send metric data to Splunk.

realm

The Splunk realm to use. The ingest, API, trace, and HEC endpoint URLs are automatically created using this value. To find your Splunk realm, see Note about realms.

us0

memory

Total memory in MIB to allocate to the Collector. Automatically calculates the ballast size. See Sizing and scaling for more information.

512

mode

Configure the Collectorservice to run in host monitoring (agent) or data forwarding (gateway).

agent

network_interface

The network interface the Collectorreceivers listen on.

0.0.0.0

ingest_url

Set the base ingest URL explicitly instead of the URL inferred from the specified realm.

https://ingest.REALM.signalfx.com

api_url

Set the base API URL explicitly instead of the URL inferred from the specified realm.

https://api.REALM.signalfx.com

trace_url

Set the trace endpoint URL explicitly instead of the endpoint inferred from the specified realm.

https://ingest.REALM.signalfx.com/v2/trace

hec_url

Set the HEC endpoint URL explicitly instead of the endpoint inferred from the specified realm.

https://ingest.REALM.signalfx.com/v1/log

hec_token

Set the HEC token if it’s different than the specified Splunk access token.

with_fluentd

Whether to install and configure fluentd to forward log events to the collector. See Collect Windows logs with Fluentd for more information.

$false

with_dotnet_instrumentation

Whether to install and configure .NET tracing to forward .NET application traces to the local collector.

$false

deployment_env

A system-wide environment tag used by .NET instrumentation. Sets the SIGNALFX_ENV environment variable. Ignored if -with_dotnet_instrumentation is set to false.

bundle_dir

The location of your Smart Agent bundle for monitor functionality.

C:\Program Files\Splunk\OpenTelemetry Collector\agent-bundle

insecure

If true then certificates aren’t checked when downloading resources.

$false

collector_version

Specify a specific version of the Collector to install.

Latest version available

stage

The package stage to install from [test, beta, release].

release

collector_msi_url

When installing the Collector, instead of downloading the package, use this local path to a Splunk OpenTelemetry Collector MSI package. If specified, the -collector_version and -stage parameters are ignored.

https://dl.signalfx.com/splunk-otel-collector/
msi/release/splunk-otel-collector-<version>-amd64.msi

fluentd_msi_url

Specify the URL to the Fluentd MSI package to install.

https://packages.treasuredata.com/4/windows/td-agent-4.1.0-x64.msi

msi_path

Specify a local path to a Splunk OpenTelemetry Collector MSI package to install instead of downloading the package. If specified, the -collector_version and -stage parameters will be ignored.

msi_public_properties

Specify public MSI properties to be used when installing the Splunk OpenTelemetry Collector MSI package.

Collect logs for the Collector for Windows πŸ”—

Use the Universal Forwarder to send logs to the Splunk platform. See more at Use the Splunk Universal Forwarder with the Collector.

Collect Windows logs with Fluentd πŸ”—

If you have a Log Observer entitlement or wish to collect logs for the target host with Fluentd, use the with_fluentd = 1 option to install and enable Fluentd when installing the Collector. For example:

& {Set-ExecutionPolicy Bypass -Scope Process -Force; $script = ((New-Object System.Net.WebClient).DownloadString('https://dl.signalfx.com/splunk-otel-collector.ps1')); $params = @{access_token = "<SPLUNK_ACCESS_TOKEN>"; realm = "<SPLUNK_REALM>"; with_fluentd = 1}; Invoke-Command -ScriptBlock ([scriptblock]::Create(". {$script} $(&{$args} @params)"))}

When activated, the Fluentd service is configured by default to collect and forward log events with the @SPLUNK label to the Collector, which then send these events to the HEC ingest endpoint determined by the realm = "<SPLUNK_REALM>" option. For example, https://ingest.<SPLUNK_REALM>.signalfx.com/v1/log.

To configure the package to send log events to a custom HTTP Event Collector (HEC) endpoint URL with a token different than <SPLUNK_ACCESS_TOKEN>, you can specify the following parameters for the installer script:

  • hec_url = "<SPLUNK_HEC_URL>"

  • hec_token = "<SPLUNK_HEC_TOKEN>"

For example (replace the <SPLUNK...> values in the command for your configuration):

& {Set-ExecutionPolicy Bypass -Scope Process -Force; $script = ((New-Object System.Net.WebClient).DownloadString('https://dl.signalfx.com/splunk-otel-collector.ps1')); $params = @{access_token = "<SPLUNK_ACCESS_TOKEN>"; realm = "<SPLUNK_REALM>"; hec_url = "<SPLUNK_HEC_URL>"; hec_token = "<SPLUNK_HEC_TOKEN>"}; Invoke-Command -ScriptBlock ([scriptblock]::Create(". {$script} $(&{$args} @params)"))}

The installation creates the main fluentd configuration file <drive>\opt\td-agent\etc\td-agent\td-agent.conf, where <drive> is the drive letter for the fluentd installation directory.

You can add custom fluentd source configuration files to the <drive>\opt\td-agent\etc\td-agent\conf.d directory after installation.

Note the following:

  • In this directory, fluentd includes all files with the .conf extension.

  • By default, fluentd collects from the Windows Event Log. See <drive>\opt\td-agent\etc\td-agent\conf.d\eventlog.conf for the default configuration.

After any configuration modification, apply the changes by restarting the system or running the following PowerShell commands:

Stop-Service fluentdwinsvc
Start-Service fluentdwinsvc

Next steps πŸ”—

After you have installed the package, see:

This page was last updated on Aug 09, 2024.