Splunk Lantern

Getting data into Log Observer

 

Splunk Log Observer is no longer available for sale. For new customers interested in this functionality, we recommend you look into Log Observer Connect, which is free for Splunk Enterprise or Splunk Cloud Platform customers. For existing customers, Log Observer is still supported.

Splunk Log Observer is part of Splunk Observability Cloud. To get started with Splunk Observability Cloud, first follow the instructions in the Splunk Docs topic, Set up and administer Splunk Observability Cloud.

After Splunk Observability Cloud is set up, start by getting data in.

Step 1: Collect infrastructure data with an OpenTelemetry Collector 

Observability Cloud supports integrations for Kubernetes, Linux, and Windows. Integrations for these data sources help you deploy a Splunk OpenTelemetry Collector to export metrics from hosts and containers to Observability Cloud.

Step 2: Verify successful data ingestion 

Verify successful ingestion by filtering or aggregating the available log data. These basic functions let you drill deeper into the ingested log data to determine whether it was ingested as expected.

To do this, select the Add Filter button at the top of the search header in the Log Observer UI. Add a filter for data that you know should be present in the ingested log data to verify successful data ingestion.

After you're satisfied with how the data is ingested and presented in Log Observer, you have completed this Getting Data In step.