Docs » Get data into Splunk Observability Cloud

Get data into Splunk Observability Cloud πŸ”—

The first step toward full-stack observability using Splunk Observability Cloud is getting data from all your infrastructure, applications, and user interfaces into the following products in our suite:

Here’s a high-level overview of your options for getting data from each layer of your stack into the Observability Cloud product best suited to provide insights about your data. This diagram also provides a recommended sequence of steps. Splunk highly recommends that you perform steps 1-8 to get the most out of Observability Cloud.

Note

The following task sequence is just a recommendation. Follow the sequence that better suits your workflow and environment.

../../_images/GDI_sequence.png

Depending on your observability goals and environment, you can choose to perform only a subset of the steps. For example, this might be the case if you don’t use every Observability Cloud product, or if you don’t want to collect data from every eligible data source.

Per product integration recommendations πŸ”—

If you are not yet implementing full-stack observability as described in the diagram above, and are using only one or a few products, see the table to learn which steps are recommended, optional, or not applicable (n/a) based on which environment you want to use.

You can also get data into Observability Cloud using the Splunk Distribution of OpenTelemetry collector.

Step

Infrastructure Monitoring only

APM only

RUM only

Sends logs to Log Observer?

1. Integrate with cloud services

Recommended

n/a

n/a

Yes

2. Configure servers and clusters

Recommended

Recommended

n/a

Yes

3. Configure third-party server apps

Optional

Optional

n/a

Yes

4. Instrument homegrown apps

Optional

Recommended

n/a

Yes

5. Instrument serverless functions

Optional

Recommended

n/a

No

6. Configure homegrown apps and serverless functions to send custom data

n/a

n/a

Recommended

No

7. Instrument user interfaces

Recommended

Recommended

n/a

No

8. Use the API to send custom data

Optional

Optional

n/a

Yes


1. Integrate with cloud services to send metrics and logs πŸ”—

If you are using cloud services for your infrastructure, the first step is to integrate these services with Observability Cloud.

This integration can send:

  • Metrics and metadata; such as tags, labels and properties; to Infrastructure Monitoring

  • Logs to Log Observer (AWS and GCP)

After you’ve integrated with your cloud services, you can access your data in the following locations:

Steps πŸ”—

For example, you might want to use the guided setup if you are setting up just a few integrations, such as five or less. However, if you are setting up many integrations, such as for different accounts and regions, use the API or Terraform. Note that if you need all of the latest integration features, you might want to use the API because support might not yet be available using Terraform.

Troubleshooting πŸ”—

For help with an Amazon Web Services integration, see Troubleshoot your AWS connection.

For help with other questions, contact Splunk Observability Cloud support.

2. Configure servers and clusters to send metrics and logs πŸ”—

Install the Splunk Distribution of OpenTelemetry Collector on any servers (hosts) or in any clusters you are using as a part of your infrastructure. For example, this might mean installing the Splunk Distribution of OpenTelemetry Collector on servers running in your data center or on a virtual machine running in the cloud.

The Splunk Distribution of OpenTelemetry Collector:

After you’ve installed the Splunk Distribution of OpenTelemetry Collector and configured your servers and clusters, you can access your data in the following locations:

Steps πŸ”—

One of the benefits of using the Splunk Distribution of OpenTelemetry Collector to send your data to Observability Cloud is that Related Content, a feature that activates users to seamlessly move between key views in Observability Cloud, is easier to implement. For more information, see Related Content in Splunk Observability Cloud.

Troubleshooting πŸ”—

For help with the Splunk Distribution of OpenTelemetry Collector installation, see Troubleshoot the Collector.

For help with other questions, contact Splunk Observability Cloud support.

3. Configure third-party server applications to send metrics, logs, and traces πŸ”—

After you’ve completed step 2. Configure servers and clusters to send metrics and logs, in which you installed the Splunk Distribution of OpenTelemetry Collector on your servers (hosts) or in your clusters, you can now configure the Splunk Distribution of OpenTelemetry Collector receivers for any of these third-party applications running on your servers or in your clusters.

For example, these receivers can send data from applications; such as Apache, Cassandra, Hadoop, Kafka, and NGINX; that are running on your servers and in your clusters.

This integration can send:

  • Metrics to Infrastructure Monitoring

  • Logs to Log Observer

  • Traces to APM (SignalFx Forwarder only)

After you’ve configured the Splunk Distribution of OpenTelemetry Collector receivers for your desired server applications, you can access your data in the following locations:

Steps πŸ”—

For information about available server application receivers and how to configure them, see Available host and application monitors.

Troubleshooting πŸ”—

For help with the Splunk Distribution of OpenTelemetry Collector application receiver configuration, see Troubleshoot the Collector.

For help with other questions, contact Splunk Observability Cloud support.

4. Instrument homegrown applications to send traces, logs, and metrics πŸ”—

You can choose to instrument your homegrown applications that you’ve developed in-house to send data to Observability Cloud.

This integration can send:

  • Traces to APM

  • Logs (events) to Log Observer

  • Metrics to Infrastructure Monitoring (Java only)

After you’ve instrumented your application, you can access your data in the following locations:

Steps πŸ”—

See the instrumentation documentation for your application language:

One of the benefits of using the Splunk Distribution of OpenTelemetry Collector to send your data to Observability Cloud is that Related Content, a feature that activates users to seamlessly move between key views in Observability Cloud, is much easier to implement. For more information, see Related Content in Splunk Observability Cloud.

Troubleshooting πŸ”—

For help with application instrumentation, see Troubleshoot your instrumentation.

For help with other questions, contact Splunk Observability Cloud support.

5. Instrument serverless functions to send traces and metrics πŸ”—

You can choose to instrument your serverless functions.

Note: This step is about bringing in built-in metrics and traces. Once you have a chance to familiarize yourself with your data coming in, you can use this same instrumentation to bring in custom data. For more information, see step 7. Configure homegrown applications and serverless functions to send custom data.

This integration can send:

  • Traces to APM

  • Metrics to Infrastructure Monitoring

After you’ve instrumented your serverless functions, you can access your data in the following locations:

Steps πŸ”—

To instrument your AWS Lambda serverless functions, see Instrument serverless functions for Splunk Observability Cloud.

Troubleshooting πŸ”—

For help with instrumenting your AWS Lambda serverless functions, see Troubleshoot the Splunk OpenTelemetry Lambda Layer.

For help with other questions, contact Splunk Observability Cloud support.

6. Instrument user interfaces to send user sessions πŸ”—

You can choose to instrument browser and mobile user interfaces to monitor front-end application user experiences.

This integration sends user sessions to RUM.

After you’ve instrumented your user interfaces, you can use RUM to start reviewing key metrics and vitals, as well as investigate errors in your spans:

This screenshot shows an example of the Splunk RUM landing page

Steps πŸ”—

Troubleshooting πŸ”—

For help with instrumenting user interfaces, contact Splunk Observability Cloud support.

7. Configure homegrown applications and serverless functions to send custom data πŸ”—

Now that you have built-in data from your full stack flowing into Observability Cloud, assess whether there are custom data points you need to bring in. You can configure applications to send custom metrics and instrument serverless functions to send custom traces.

For many teams, some of the most meaningful data is custom data because you can define these data points to focus on what is most important to you in your specific environment.

For example, if you run an e-commerce site, you might configure your application to send a custom metric about the number of orders placed. You can then create a detector to receive an alert when the number of orders drops significantly. You might also configure your application to send a custom metric about how long payment processing takes. You can then create a detector to issue alerts when the processing time exceeds a threshold.

This integration can send:

  • Custom metrics to Infrastructure Monitoring

  • Custom traces to APM

After you’ve configured your homegrown applications and instrumented your serverless functions to send custom metrics and traces, you can access your data in the following locations:

Configuration steps for homegrown applications πŸ”—

Use the library for your application language:

Instrument serverless functions πŸ”—

To instrument your AWS Lambda serverless functions, see Instrument serverless functions for Splunk Observability Cloud.

Troubleshooting πŸ”—

For help with configuring homegrown applications to send custom data to Observability Cloud, file an issue in the associated client library GitHub repo.

For help with instrumenting your AWS Lambda serverless functions, see Troubleshoot the Splunk OpenTelemetry Lambda Layer.

For help with other questions, contact Splunk Observability Cloud support.

8. Use the Observability Cloud API to send custom data πŸ”—

Now that you have built-in data from your full stack flowing into Observability Cloud, assess whether there are custom data points you need to bring in. You can use the Observability Cloud API to bring in custom data.

You might want to use the API if you want to integrate with:

  • A third-party tool that provides an API/webhook integration only.

  • An application written in a language we don’t provide a library for.

This API integration can send all types of data to Observability Cloud. While you can use the API to send logs to Log Observer, we recommend using other integration types to do so. For details about which integrations can send logs to Log Observer, see Per product integration recommendations.

After you’ve configured your integration to send custom data, you can access your data in the following locations:

Steps πŸ”—

For information about using the Observability Cloud API to send custom data, see Observability Cloud REST APIs for sending traces and metrics.

Troubleshooting πŸ”—

For help with using the Observability Cloud API to send custom data, contact Splunk Observability Cloud support.

Next steps πŸ”—

Once you have your desired full stack of data coming into Observability Cloud, consider exploring the following features that can help you monitor, visualize, and coordinate team work around your data: