Configure the Splunk OpenTelemetry Collector 🔗
The collector is configured using the following files:
agent_config.yaml, which is the recommended starting configuration for most environments. This is the default configuration file for the Linux (Debian/RPM) and Windows Installer collector packages.
full_config_linux.yaml, which is an extended configuration. This configuration requires
opentelemetry-collector-contribor a distribution based on
Fluentd, which is used to collect logs. Fluentd is applicable to Helm or installer script installations only. Common sources including filelog, journald, and Windows Event Viewer are included in the installation. See the Fluentd configuration documentation for more information.
The Fluentd directory contains the following files:
fluent.conf or td-agent.conf. These are the main Fluentd configuration files used to forward events to the Splunk OpenTelemetry Collector. The file locations are
/etc/otel/collector/fluentd/fluent.confon Linux and
\opt\td-agent\etc\td-agent\td-agent.confon Windows. By default, these files configure Fluentd to include custom Fluentd sources and forward all log events with the
@SPLUNKlabel to the Splunk OpenTelemetry Collector.
conf.d. This directory contains the custom Fluentd configuration files. The location is
/etc/otel/collector/fluentd/conf.don Linux and
\opt\td-agent\etc\td-agent\conf.don Windows. All files in this directory ending with the .conf extension are automatically included by Fluentd, including
splunk-otel-collector.conf. This is the drop-in file for the Fluentd service on Linux. Use this file to override the default Fluentd configuration path in favor of the custom Fluentd configuration file for Linux (fluent.conf).
The following is a sample configuration to collect custom logs:
<source> @type tail @label @SPLUNK <parse> @type none </parse> path /path/to/my/custom.log pos_file /var/log/td-agent/my-custom-logs.pos tag my-custom-logs </source>
You can also configure the following components: