OpenTelemetry with Splunk distribution

Author
Priyanshu Borthakur

Before we dig deeper into how Splunk Observability enhances OTel, let's first understand what OpenTelemetry is. OTel is a CNCF incubating project, formed through a merger of the OpenTracing and OpenCensus projects. Technically speaking, it is a collection of tools, APIs and software development kits (SDKs). You use it to instrument, generate, collect and export telemetry data (metrics, logs and traces) to help you analyze your software's performance and behavior.

 

How Splunk helps

 

       Built-in standard for observability (o11y): From its distribution of the OpenTelemetry Collector, through the OpenTelemetry Java, Node.js, .NET and Python client libraries, to instrumentation packages or SDKs for hundreds of commonly used frameworks, Splunk supports automatic trace instrumentation and configuration to make it easy to get started. You can also customize what is included by building from the community source.

       Powering end-to-end observability: View the status, interactions, dashboards and logs from all of your infrastructure in Splunk Observability Cloud or other observability tools. You can use OpenTelemetry to capture traces, metrics and logs from OpenTelemetry SDKs on the same host or over the network, or from hundreds of sources, including databases, network proxies, Prometheus, Jaeger and more.

 


 

Image courtesy of Splunk

 

 

The Splunk Distribution of OpenTelemetry Collector is a distribution of the OpenTelemetry Collector. It sits on top of the Contrib version, and it bundles components from OpenTelemetry Core, OpenTelemetry Contrib, and other sources to provide data collection for multiple source platforms.

 


Image courtesy of Splunk

 

The Splunk distribution of the OpenTelemetry Collector is supported on and packaged for a variety of platforms, including:

 

       Collector for Kubernetes

       Collector for Linux

       Collector for Windows

 

Splunk Distribution of OpenTelemetry Collector use cases

 

       Remove sensitive data such as PII (personally identifiable information): The Splunk distribution helps in deleting, redacting or hashing tags from spans. Sensitive data like a credit card number or credit card expiry date can be redacted from incoming spans. A snippet of configuration is shown below.


Image courtesy of Splunk

 

       Send data to other Splunk applications like Splunk Enterprise via Universal Forwarder

       Discover telemetry sources automatically: Automatic discovery and configuration helps you quickly get started with Splunk Application Performance Monitoring (APM) and Splunk Infrastructure Monitoring. The following diagram shows the process of using automatic discovery and configuration to find data sources:

           

Image courtesy of Splunk

 

Java, .NET and Node.js are the supported runtimes. The following hosts and applications are supported via automatic discovery:

MySQL, PostgreSQL, OracleDB, NGINX, Redis, MongoDB and Kafka
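
For the sensitive-data use case described earlier, a collector configuration along these lines deletes, redacts and hashes span attributes before they are exported. It is an added example, not Splunk's snippet or configuration from the original article; the attribute keys, the processor name attributes/scrub_pii and the exporter endpoint are constructed placeholders.

```yaml
# Added example. Attribute keys and the endpoint below are constructed
# placeholders; replace them with the keys your services actually emit.
receivers:
  otlp:
    protocols:
      grpc:
      http:

processors:
  attributes/scrub_pii:
    actions:
      # Delete: the attribute is removed from the span entirely.
      # Preferred for card numbers, whose small value space makes a
      # hash recoverable by exhaustive guessing.
      - key: credit_card_number
        action: delete
      # Redact: keep the key so queries and dashboards that expect it
      # still work, but overwrite the value with a fixed marker.
      - key: credit_card_expiry
        action: update
        value: "REDACTED"
      # Hash: replace the value with its hash so spans from the same
      # user can still be grouped without storing the raw value.
      - key: user.email
        action: hash
  batch:

exporters:
  otlphttp:
    endpoint: https://collector.example.invalid:4318  # placeholder

service:
  pipelines:
    traces:
      receivers: [otlp]
      # A processor only runs if it is listed here. Scrubbing comes
      # before batch so no unredacted span is queued for export.
      processors: [attributes/scrub_pii, batch]
      exporters: [otlphttp]
```

The attributes processor acts on span attributes; sensitive values carried in resource attributes or span names are not changed by these rules and need their own handling.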
