search

splunk / docker-itmonitoring

Get Started with Streaming your Docker Logs and Stats in Splunk!
http://www.splunk.com/containers
Apache License 2.0
68 stars 21 forks source link

app-docker on Instance with universalforwarders-monitor as containers #5

Open alvarow opened 7 years ago

alvarow commented 7 years ago

Hello, I am unable to see most of my stats coming from a container.

I am trying to graph 4 of my AWS ECS instances using the 6.5.2-monitor universal forwarder container. I have copied the app-docker and dockerlogs_fileinput on the Splunk head+indexer (it's on a EC2 instance) and I see the app fine, just most of the graphs do not render. I get the list of containers and their status on a table on "Docker Overview" and I see a lot of docker source types if I query the main index, and they all have data in them. It seems there is some problem while correlating the container names for the graphs on the app-docker.

Any ideas on how to troubleshoot?

mchene commented 7 years ago

Have you deployed the Splunk UF as a global service in Amazon ECS?

alvarow commented 7 years ago

I am not sure what you mean by a global service ... I have my splunk EC2 instance running, and I was able to configure a container with the forwarder to gather metrics from my ECS instance... but only works if I am running one instance. I think the changes merged today with the look ups may fix that... I check it out.

alvarow commented 7 years ago

Hi seems the containers were not updated with the newer code, I just pulled splunk/universalforwarder:6.5.2-monitor and it is still the old build

                "SPLUNK_PRODUCT=universalforwarder",
                "SPLUNK_VERSION=6.5.2",
                "SPLUNK_BUILD=67571ef4b87d",

Is this getting push to the registry?

Thanks