icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

We are working on something new...

A Fresh New Splunkbase
We are designing a New Splunkbase to improve search and discoverability of apps. Check out our new and improved features like Categories and Collections. New Splunkbase is currently in preview mode, as it is under active development. We welcome you to navigate New Splunkbase and give us feedback.
Cancel Visit New Splunkbase Visit
My Account
Login Signup
Support & Services
Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us
My Account
Login Signup
Support & Services
Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

END-USER LICENSE AGREEMENT

Splunk Websites Terms and Conditions of Use

Thank You

Downloading Monitoring Docker - Metrics and Log Forwarding
SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_522420.tgz) ee385d46279623958aab9691d994f715ca0bbd6eed2fe66016a4b2130bc95d2f SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_521410.tgz) fe0fe659cb2e1c9696e4bf659675792adc53a2b4b1473f10bd0cf79d337a23f4 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_520400.tgz) 1967b4199188c700e237ce5701b513b7e8c61bbd8679e32794cf2cea3026b8c3 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_519390.tgz) d9d7d8ca5872408fad207c89cb8f7e95d3ff73a0f05b7e9fdb28d4397c5d76c1 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_518380.tgz) 14b7895023af74c874c2025d3477d7d6f196ff71d987a5b7a7f36b8e3adffb37 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_517372.tgz) ec4d085135bf90970de338f82de7e4cee148cf5cb7b30739401f79f65692cc64 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_517370.tgz) 842bc93a55fe5a6eb86a37fa7e34f082c8e0311c6477c92209f2011ff4f76598 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_516361.tgz) bd8f09269a4ac0de19d17b281c6dc1a586dd7172c5311fb6d476c5245d3ff68d SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_516360.tgz) a8e8996f4786102ab14353b8070e46a2e42ef81ae13776224d964f4a34c44671 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_516350.tgz) 851c84a69e8ed273b232bcd09eb24545be1c962c3c93e49b7f8708226c56909b SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_515300.tgz) 110fbd74cc19d8810c7198924244255d2d2d11818bd491de1775b4325fefab98 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_514280.tgz) 24d77e0196132ccde235a7ea94a4db4c5fd0fb73cf08da3f9dfe710c64058176 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_512273.tgz) aa71ee8350d7965d3ac6ddd53b7391a98685fb881bc0991c4a8dd936bbcb63ef SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_512271.tgz) d5859977c2dc2de927105eb4334ee5fff24bd6578738dfc38a030d3981f7d4fd SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_512270.tgz) 8a61015eff65db7dcb9182d73c0cb860eb0690c4f3501117b69909346bfa4a21 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_511260.tgz) 6806c37ccdc2918e98a69ab0f8dc6f11070dabc53789ae72907346f5f52dc04d SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_510250.tgz) 16ddf0121b1a2e262fe643e0bfbc00caecab0a11b45e7500ba89b86870ff6a30 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_59240.tgz) 89acc2d2d4dc9d6ef45f35d59f31d3f92274cf6299088e52a17cbda372a1aae4 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_58231.tgz) 8f046c52dc5e84872471d57c4002c9833cfd208b11526d5d407d8516d99e38b9 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_58230.tgz) 9b6aa5333b58df9f08952a8cd217a1d39634c2bad870ac61b729ce5f3f851d53 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_57220.tgz) df8ecfa6794be15d95c2964a646f8cf404a22926468f263f7a17b60cdbcb9ac0 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_56212.tgz) b34483052aefe4206773f6c6986ccc1028146aecc5e67bd18249bce9e5730ffc SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_55202.tgz) 2f93bab0e11b76148c5fd99d87552f97724d356808fb2823fb667e0513352c37 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_54201.tgz) b3e0166bcc9b5bb43263b91bed32c4d2f423d9f7b71c1b1ef7e5f69182272bcf SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_54200.tgz) 11a074a9f074972e5a6774c9601db3dd2f1b962ad83b3c9af3c3de90b55f23ce SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_53190.tgz) 73e3dda06d3fcadaa913e1d6b754c0cbe2d66b2e0f020d22526624af2c1fcd8b SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_52180.tgz) 3291125f2a1831ec07ca82af632bee96dba9f6901481ef57a8d463188b546db1 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_52176.tgz) 39b0588f2a581cd2d67f067755374cb2a7e7ac62c6ccfa7be7482ddc27da9c5f SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_51175.tgz) efb9708fcdd04af84edf36e5ecddafcf2f5c2bb9b6c06270157a965c74c8bbdf SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_50174.tgz) 0db661e33919ba55df4d91fd09bbe586efdd2c58774b69210fa4340b07ccdb84 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_3022.tgz) dbee25eab9531c7fa61540b22aee355c9fbbf2ec1710e8d5ddd0c700fa3cd309 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_2121.tgz) 9f2f436243048cc89a3ef38782f5163085df1663ea32d5aeb4def01ee1665499 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_2118.tgz) 26a28882255960231da75505c218c626c561dfdfe1f9520fc448bd9635254761 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_2017.tgz) 2af70966fad7d8bc64f9c81b1aeaa6f63a008157692bec43c6269a1bf5c1dc07 SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_103.tgz) fe4722a0a1f898a2660818edcbadbb6e75e22d1b52322be8ef71ca5e113181ef SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_101.tgz) f0e01f1799c6b530bf26127869402c88cb27b398e49df5be06aef6e5818d716c SHA256 checksum (monitoring-docker-metrics-and-log-forwarding_10.tgz) 511c955678fadb1cc73b6a91f3e98c67e93883c64677a621d1780889b3dc7af4
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate
splunk

Monitoring Docker - Metrics and Log Forwarding

Splunk Cloud
Overview
Details
Focus on your applications, we will take care of infrastructure monitoring and logs forwarding.

Use cases

- Application Monitoring
- Log Aggregation
- Cluster Health Monitoring
- Security and Audit
- Reduce complexity and improve productivity

With 10 minutes setup, you will get a monitoring solution, that includes log aggregation, performance and system metrics, metrics from the control plane and application metrics, a dashboard for reviewing network activity, and alerts to notify you about cluster or application performance issues.

An application requires Collectord built by Outcold Solutions, see https://www.outcoldsolutions.com/docs/monitoring-docker/

Overview

Outcold Solutions provide solutions for monitoring Kubernetes, OpenShift and Docker clusters in Splunk Enterprise and Splunk Cloud. We offer Splunk applications, which give you insights across all containers environments. We are helping businesses to reduce complexity related to logging and monitoring by providing easy-to-use and deploy solutions for Linux and Windows containers. We deliver applications to help developers monitor their applications and operators to keep their clusters healthy. With the power of Splunk Enterprise and Splunk Cloud, we offer a unique solution to help you keep all the metrics and logs in one place, allowing you to quickly address complex questions on container performance and cluster health.

Description

We provide solutions for monitoring Kubernetes, OpenShift and Docker clusters in Splunk Enterprise and Splunk Cloud. With 10 minutes setup, you will get a monitoring solution, that includes log aggregation, performance and system metrics, metrics from the control plane and application metrics, a dashboard for reviewing network activity, and alerts to notify you about cluster or application performance issues.
All our solutions are powered by the Collectord, a container-native software built by Outcold Solutions that provides capabilities for discovering, transforming and forwarding logs, collecting system metrics, collecting metrics from the control plane of the orchestration frameworks and forwarding network activity. Collectord provides flexible and powerful tools for transforming logs. With our software you can hide sensitive information from the loglines before forwarding them. With Collectord you can reduce the licensing costs associated with logging aggregation by choosing which data you want to forward from the log streams. Collectord forwards container logs, host logs and can discover logs written by the containerized applications.

Use cases

Application Monitoring

See detailed metrics from containers and processes, including performance metrics, utilization metrics and security insights. Forward application-specific metrics, exported in Prometheus format. Use prebuilt Splunk dashboards for a comprehensive overview.

Log Aggregation

Aggregate logs from containers, applications, and servers. Use flexible mappings to filter logs enriched with container metadata, correlate logs with metrics, and leverage Splunk capabilities for analyzing logs. Use Collectord to transform logs before they reach Splunk, remove sensitive information, remove PII data to help keep your logs GDPR compliant. With Collectord you can reduce licensing and storage costs by choosing which loglines you want to forward.

Cluster Health Monitoring

Diagnose cluster issues by looking at historical events, monitoring allocations, and regulating cluster capacity. Leverage pre-built alerts for monitoring the health of the clusters out of the box.

Security and Audit

Define access to the data by clusters, namespaces and even pods or containers. Review network activities, happening inside your cluster, and outside connections. Verify containers running with elevated security permissions. Use audit logs for monitoring changes in deployments.

Reduce complexity and improve productivity

Use one tool to collect and forward logs and metrics required by developers for reviewing performance and health of their applications. With the annotations developers can define how they want to see the data in log aggregation tool, specify multiline log patterns, removing terminal escape codes, override types, sources and indexes.

Links

Release Notes

Version 5.22.420
April 21, 2024

5.22.420 - 2024-04-22

Supports collectorfordocker version 5.22.x and below (see https://www.outcoldsolutions.com for latest configuration)
- Address too many data points in host dashboard in network graphs
- Additional CPU Metrics: CPU IOWait, Steal and Idle in Top Hosts dashboards.
- Showing CPU IOWait in Host dashboard.
- New dashboard Review->Disk Stats for the host.
- Exclude virtual ethernet interfaces from host dashboard.

Collectord updates:
- Allow disabling IP address Lookup in net_socket_table input.
- Better handling of zombie processes in proc_stats input.
- Allow configuring user Splunk outputs using CDR SplunkOutput.
- Allow blacklisting labels from forwarded metadata.
- When onVolumeDatabase is used Collectord verifies that volume supports locking.
- Add additional metrics CPU IOWait, Steal and Idle.
- Monitoring disk stats for the host.
- Add input disk_stats.
- New diagnostic - CPU Vulnerabilities.
...
Version 5.21.410
Oct. 14, 2023

5.21.410 - 2023-10-16

Supports collectorfordocker version 5.21.x and below (see https://www.outcoldsolutions.com for latest configuration)
- Compatibility updates for the version 5.21 of Collectord
- New Dashboard: Review -> CPU (Throttled, Quota, Shares)
- Alert update: Container CPU Throttled
- Network tables update: show UDP connections for Host, Containers, and Services
- Network Connection Dashboard: allows filtering by namespaces

Collectord updates:
- Support for global replace configurations for Collectord, allowing to sanitize data before forwarding to Splunk
- Support journald as logging driver for container logs
- Support Podman as a runtime (with journald as a logging driver for container logs)
- When both volatile and persistent journald destination exist, Collectord will identify which has the most recent data
- Allow sending to Splunk more precise timestamps for the events
- Compatibility updates for latest version
Version 5.20.400
April 9, 2023

5.20.400 - 2023-04-17

Supports collectorfordocker version 5.20.x and below (see https://www.outcoldsolutions.com for latest configuration)
- Compatibility updates for the version 5.20 of Collectord

Collectord updates:
- Multi-architecture images for amd64 and arm64
- Allow sending logs to multiple Splunk HEC endpoints simultaneously
- Collectord produces diag file without performance data, if flag --include-performance-profiles is not set
- Use IMDSv2 for AWS metadata
- Performance improvements for an acknowledgement database
- Improvements for the acknowledgement database on how long Collectord keeps the data by refreshing the state, if file still exists on the disk
- Upgrade Go language runtime to 1.20.3
- Collectord verifies that only one Collectord instance can access the data folder, where Collectord stores its state
- Remove automatic watching for Docker runtime on Kubernetes/OpenShift hosts
...
Version 5.19.390
Oct. 16, 2022

5.19.390 - 2022-10-17

Supports collectorfordocker version 5.19.x and below (see https://www.outcoldsolutions.com for latest configuration)
- New alert for Collectord alarms for node diagnostics (reboot required, and entropy)
- Review->Storage: added Volumes list based on /system/df output (size and refCount)

Collectord updates:
- Splunk output supports maximumMessageLength to truncate messages exceeding this size
- Splunk output supports requireExplicitIndex to ignore all events that don't have explicit index defined
- Collectord monitors if node requires reboot
- Allow to forward volumes stats using /system/df API
- Upgrade go runtime to 1.19.2
- Beta: weighted splunk output algorithm when multiple threads used
- Bug fix: if docker API input fails it can clog the output
...
Version 5.18.380
April 19, 2022
  • Cluster filter on Events dashboard
  • Rewrite CPU throttled alert to make it less verbose
  • Memory usage now reports memory without caches and memory that can be freed.
  • Support cgroupv2

Collectord updates:
- Support cgroupv2
- New ability to specify the message field name for the logs extraction with annotations extractionMessageField
- Collectord improves grace period for expired licenses allowing to bootstrap new nodes for 14 days
- Support of journald database written with systemd library 247+
- Upgrade go runtime to 1.17.9
- Bug fix: cleanup the diag, exclude the real license key
- Bug fix: collectord reports high CPU usage for just started containers or hosts
- Bug fix: update pods/container labels when user updates them (prior restart was required)
- Bug fix: set now as a date for container logs with corrupted log files instead of 0 timestamp
- Bug fix: include the values of whitelists and blacklists in diag...
Version 5.17.372
Jan. 27, 2022
  • Added version=1.1 to all dashboard for compatibility with Splunk Cloud and pass AppInspector
Version 5.17.370
Oct. 15, 2021

5.17.370 - 2021-10-20

  • Show milicores/cores CPU usage instead of percents
  • Bug fix: logs might not be queried in the application in some Splunk versions
  • Bug fix: storage dashboard might not render in some Splunk versions
    Collectord updates:
  • Upgrade to Go 1.17.2
  • Support query in Prometheus URLs for metrics
  • Collectord now reports source and source type for the events with incorrect index
  • Support for licensing server
  • Support for CPU-based licenses
  • Allow to specify multiple values for blacklist and whitelist for host logs
  • Bug fix: Collectord clogs the output with WARN messages for stopped containers running with Containerd
  • Bug fix: Containers with not set requests might show 1core request by default
  • Bug fix: Collectord clogs the output with WARN messages about closed Splunk outputs
    ...
Version 5.16.361
March 17, 2021
  • Bug fix: use correct units for Memory and Storage (MiB, MB, Mb)
  • Bug fix: Collectord metrics request time shows the summary on the period, not the individual request times

Collectord updates:

  • ARM64 image
  • Upgrade to Go 1.16.2
  • Bug fix: precise time to Splunk HEC, sending with milliseconds instead of nanoseconds (which are incorrectly ronded by HEC)
  • Bug fix: first sample of the container can record above 100% of the CPU usage, as the values are pretty low
  • Bug fix: verify command does not respect glob patterns for Prometheus inputs (certs, tokens)
  • Bug fix: trim spaces in token value for Prometheus inputs
  • Bug fix: better recovery from corrupted journald
Version 5.16.360
March 17, 2021

5.16.360 - 2021-03-16

  • Bug fix: use correct units for Memory and Storage (MiB, MB, Mb)

Collectord updates:

  • ARM64 image
  • Upgrade to Go 1.16.2
  • Bug fix: precise time to Splunk HEC, sending with milliseconds instead of nanoseconds (which are incorrectly ronded by HEC)
  • Bug fix: first sample of the container can record above 100% of the CPU usage, as the values are pretty low
  • Bug fix: verify command does not respect glob patterns for Prometheus inputs (certs, tokens)
  • Bug fix: trim spaces in token value for Prometheus inputs
  • Bug fix: better recovery from corrupted journald
Version 5.16.350
Dec. 15, 2020
  • New dashboard: Collectord metrics

Collectord updates:

  • Annotations for collecting prometheus metrics: authorization keys and CAName for SSL certificates
  • Improvement for DNS resolutions of Splunk output FQDN
  • Export internal collectord metrics in Prometheus format
  • Forwarding internal collectord metrics to Splunk
  • For the watch objects inputs being able to hide management fields
  • In the diag include all open file descriptors
  • Upgrade go runtime to 1.14.13
  • Remove \0 symbol from the labels values in the prometheus metrics
  • Allow to filter host logs with blacklist and whitelist
  • Bug fix: less verbose warnings about not being able to load resources from API server
  • Bug fix: performance improvements for Ack DB
  • Bug fix: custom prometheus metrics forwarded by Collectord do not include cluster field or custom user fields
  • Bug fix: addon pod terminates faster
  • Bug fix: verify command trying to post to all outputs with all indexes specified in the configuration
  • Bug fix: crash in AckDB
    ...
Version 5.15.300
June 1, 2020

5.15.300 - 2020-06-01

Requires collectorfordocker version 5.15.300 or above (see https://www.outcoldsolutions.com for latest configuration)

Collectord updates:

  • Support for annotations to add custom user fields to data
  • Support for blacklisting and whitelisting Prometheus metrics (significally reducing the indexing cost of data)
  • Verify command improvements - verify proper configurations for cgroup (memory/memory.use_hierarchy is 1)
  • Bug fix: fix bug in prometheus metrics parser, empty fields can be filled with previous fields
  • Bug fix: occasionally addon can report warnings about trying to delete expired keys from ack db
  • Bug fix: better handle of connections to metrics endpoints exported in Prometheus format
  • Bug fix: http connections improvements for when Splunk is unresponsive
  • Bug fix: broken diag
Version 5.14.280
Jan. 24, 2020
  • Logs dashboard: filters depend on selection

Collectord updates:

  • Support templates in the index, source and sourcetype
  • Allow to exclude indexed fields when forwarding to Splunk
  • Support annotation for stats interval for containers
  • Bug fix: verify command can show incorrect error about verifying journald input
  • Bug fix: index on namespace should set index for application logs
Version 5.12.273
Dec. 16, 2019

5.12.273 - 2019-12-16

Requires collectorfordocker version 5.12.272 or above (see https://www.outcoldsolutions.com for latest configuration)

  • Bug fix: Swarm Services dashboard compatibility with the new format of metrics
Version 5.12.271
Nov. 7, 2019

5.12.271 - 2019-11-07

Requires collectorfordocker version 5.12.271 or above (see https://www.outcoldsolutions.com for latest configuration)

  • Improvements for the macros for backward compatibility
  • Bug fix: Swarm Services dashboard could not filter based on the stack name

Collectord updates:
- Bug fix: when event pattern is used for joining multi-line events, the error can not be showed if raised by the input in pipeline.
- Bug fix: reduce warnings failed to get the new event in pipeline - submitted
- Stability improvements
Version 5.12.270
Oct. 18, 2019
  • Compact metrics (pre-calculated on Collectord side)
  • Switched stats for host and cgroup in different macros
  • Containers count for hosts on Hosts and Host dashboards
  • Improve performance of the search in Docker Services and ECS Services dashboards
  • Use base macro for alerts
  • Add cluster name in the alert results

Collectord updates:

  • Describe command to see applied annotations for containers
  • Bug fix: panic when pipe join configuration is removed
  • Bug fix: panic when proc stats is enabled and cgroup stats is disabled
  • Bug fix: support ProxyBasicAuthorization for license server checks
  • Bug fix: Fix for collecting first sample (can show high CPU usage for first sample)
  • Beta: dynamic index, source and sourcetype names based on the metafields
  • Beta: cluster diagnostics with one ru
Version 5.11.260
Sept. 9, 2019

5.11.260 - 2019-09-09

Requires collectorfordocker version 5.11.260 or above (see https://www.outcoldsolutions.com for latest configuration)

  • Bug fix: changing source type does not allow to use Swarm and ECS services dashboards
  • Bug fix: improving usability of Swarm and ECS services dashboards for large deployments

Collectord updates:

  • Bug fix: duplicate events then pipeline is getting throttled
  • Bug fix: don't use throttling for devnull output
  • Bug fix: better recovery for ack db corruption
  • Bug fix: crash on journald input initialization when ack db is corrupted
  • Bug fix: annotations joinmultiline requires joinpartial
  • Bug fix: configurations for stdout only with annotations can crash collectord
  • Set events = 50 by default for Splunk output batches
Version 5.10.250
June 15, 2019
  • Cluster field filters
  • Base macro for overriding macros for other macros

Collectord updates:

  • Support for volatile and persistent journald storage with default configuration
  • Updated YAML configuration to include most common resources
  • Better support for overriding sourcetype, that does not require to update the Splunk macros
  • Bug fix: rarely when collectord fails to post to HEC it can panic
  • Bug fix: better support for OpenShift 4.x and CRI-O storage
  • Bug fix: space characters in index annotations can break the pipeline
Version 5.9.240
May 13, 2019

5.9.240 - 2019-05-14

Requires collectorfordocker version 5.9.240 or above (see https://www.outcoldsolutions.com for latest configuration)

  • Visual improvements on the graphs for the number of logs and events

Collectord updates:

  • Support for multiple Splunk destinations (outputs)
  • Support subdomains for annotations (to deploy multiple collectord instances)
  • Bug fix: journald input keeps fd open to the rotated files
  • Bug fix: fix in the annotation parser for the interval annotations
  • Bug fix: fix splunk url selection configuration for multiple splunk URLs
Version 5.8.231
April 25, 2019

5.8.231 - 2019-04-25

  • Bug fix: Collectord usage report shows trial licenses for all instances
Version 5.8.230
April 20, 2019

5.8.230 - 2019-04-22

Requires collectorfordocker version 5.8.230 or above (see https://www.outcoldsolutions.com for latest configuration)

  • Bug fix: Swarm dashboard does not render containers, when namespace field is not available.
  • Use multiselect filters for most dashboards and filters with possibility to input custom filters.
  • Reduce dedup usage to improve performance on dashboards.

Collectord updates:

  • Bug fix: clogging collectord output with errors when incorrect index is used.
  • Bug fix: short lived containers can results in duplicating logs.
  • Bug fix: clogging collectord output with warnings when kernel reports incorrect VmRss size.
  • Bug fix: annotations cannot override timestamp location for fields extraction.
  • Bug fix: verify command reports Journald input in incorrect place.
  • Better support for cgroup symlinks, automatically discover correct location.
Version 5.7.220
March 16, 2019

Requires collectorfordocker version 5.7.220 or above (see https://www.outcoldsolutions.com for latest configuration)

  • Review savedsearches/alerts to support indexing delay (start searches from 2 minutes behind) and run them in more random time.
  • Fixed single value memory panel on host dashboard (missed span)
  • Use SEGMENTATION=none for stats events to use less disk space (needs to me moved to indexers)

Collectord updates:

  • Support hostname formatting with environment variables in configuration
  • New rotated file logic uses less file descriptors and frees rotated files quicker
  • Allow to specify a default sampling value for container logs
  • Reimplemented shutdown sequence to stop collectord faster
  • Allow to override sampling percent with annotations
  • New Input: journald
Version 5.6.212
Feb. 19, 2019

5.6.212 - 2019-02-19

Requires collectorfordocker version 5.6.212 or above (see https://www.outcoldsolutions.com for latest configuration)

  • New: Alert: high CPU usage on the host.
  • Fixed: Splunk usage dashboard - charts do not show the data, when the used indexed aren't searchable by default.
  • New: Support Dark theme.
  • New: Free text search in Logs dashboard.
  • New: Add auto-refresh options to the dashboard.
  • Fixed: Revisited CPU limits and requests for Pods and Containers.

Read more https://www.outcoldsolutions.com/docs/monitoring-docker/release-history/
Version 5.5.202
Jan. 23, 2019

5.5.202 - 2019-01-24

Requires collectorfordocker version 5.5.202 or above (see https://www.outcoldsolutions.com for latest configuration)

  • New: Dashboard Services -> AWS ECS. Review containers running as an ECS Service.
  • New: Dashboard Services -> Swarm Services. Review containers running as a Swarm Service.

Collectord updates:
- Fixed: Interval 0 in Prometheus input can crash the collectord.
- Fixed: When both glob and match are set for the application logs, the glob pattern can block the match pattern from
finding the files in the volume.
Version 5.4.201
Dec. 20, 2018

5.4.201 - 2018-12-19

Requires collectorfordocker version 5.4.201 or above (see https://www.outcoldsolutions.com for latest configuration)

  • Fixed: Alerts for licenses issued with AWS Subscriptions

Collectord updates:
- Fixed: Better handling rotated files (less open fd)
- Fixed: Events input can hang in the err loop.
Version 5.4.200
Dec. 16, 2018

5.4 - 2018-12-17

Requires collectorfordocker version 5.4 or above (see https://www.outcoldsolutions.com for latest configuration)

  • Compatibility update for collectord 5.4.

Collectord updates:
- New: Attach EC2 metadata fields
- New: Basic Auth for Proxy (License Server and Splunk)
- Fixed: Collectord verifies reports CRI-O as unsupported runtime.
- Fixed: Rare crash on Prometheus metrics definition.
- Fixed: Better handling of acknowledgment database corruption.
- Fixed: When handling incorrect indexes, collectord can send index with an empty string, that Splunk recognize as an incorrect index
Version 5.3.190
Nov. 17, 2018

5.3 - 2018-11-19

Requires collectorfordocker version 5.3 or above (see https://www.outcoldsolutions.com for latest configuration)

  • New: Alert for showing when Collectord reports errors in Processing pipelines (as an example if it failed to extract fields).
  • New: Alert for showing when Collectord reports warnings.
  • New: Alert if lag in the indexing of the data.
  • New: Splunk Usage (License usage, number of events) report under Setup.

Read more https://www.outcoldsolutions.com/docs/monitoring-docker/release-history/
Version 5.2.180
Oct. 28, 2018

5.2.180 - 2018-10-28
- Fixed: lookup with alerts causing very often replication activities on SHC

5.2 - 2018-10-15

Requires collectorfordocker version 5.2 or above (see https://www.outcoldsolutions.com for latest configuration)

  • New: Review/Storage dashboard based on storage metrics.
  • New: predefined alerts to help you monitor the health of the clusters and performance of the applications.
  • Fixed: Performance improvements
    ...

For details https://www.outcoldsolutions.com/docs/monitoring-docker/release-history/
Version 5.2.176
Oct. 15, 2018

5.2 - 2018-10-15

Requires collectorfordocker version 5.2 or above (see https://www.outcoldsolutions.com for latest configuration)

  • New: Review/Storage dashboard based on storage metrics.
  • New: predefined alerts to help you monitor the health of the clusters and performance of the applications.
  • Fixed: Performance improvements
    ...

For details https://www.outcoldsolutions.com/docs/monitoring-docker/release-history/
Version 5.1.175
Sept. 17, 2018
  • New: Network metrics (MB, Packets, Drops, and Errors) for host and containers.
  • New: Network socket tables (list of the port that containers and hosts are listening on, connections to external resources).
  • New: Network review dashboard to see the list of connection to public services and in private network.
  • Improvement: Replace python-based lookup with a ​macro written with eval.
  • Improvement: Visual improvement for showing when the object was Last Seen (highlighting and showing minutes ago).
    ...

For details:
https://www.outcoldsolutions.com/docs/monitoring-docker/release-history/
Version 5.0.174
Sept. 4, 2018

Highlights:

  • Support for Application logs
  • Show Memory and CPU limits for container lists.
  • Visual updates for the panels, highlighting high CPU and Memory usages

For more details

https://www.outcoldsolutions.com/docs/monitoring-docker/release-history/
Version 3.0.22
Feb. 9, 2018

New security dashboard, CPU Shares, Quotas and Memory Limits monitoring.
A lot of of bug fixes and performance improvements.

Relese Notes: https://www.outcoldsolutions.com/docs/monitoring-docker/release-history/#30-2018-02-07
Upgrade instructions: https://www.outcoldsolutions.com/docs/monitoring-docker/upgrade-2-to-3/
Requires collectorfordocker version 3.0 or above (see https://www.outcoldsolutions.com for latest configuration)
Version 2.1.21
Jan. 2, 2018

2.1.21 - 2018-01-02

Requires collectorfordocker version 2.1.59.171209 or above

  • Updated author and description

2.1.18 - 2017-12-09

  • Implemented collectors dashboard to track number of collectors, their versions
    and used licenses.
  • Fallback to the process IO statistics when blkio is not available.
  • Fix IO statistic graphs, showed average, when sum should be used.
  • [collector] Improved resistance for storage failures.
  • [collector] License checks reporting.
Version 2.1.18
Dec. 10, 2017

2.1.18 - 2017-12-09

Requires collectorfordocker version 2.1.59.171209 or above

  • Implemented collectors dashboard to track number of collectors, their versions
    and used licenses.
  • Fallback to the process IO statistics when blkio is not available.
  • Fix IO statistic graphs, showed average, when sum should be used.
  • [collector] Improved resistance for storage failures.
  • [collector] License checks reporting.
Version 2.0.17
Oct. 24, 2017

2.0 - 2017-10-22

Requires collectorfordocker version 2.0.37.171023 or above

  • Better labels support in Dashboards.
    Collector has a breaking feature, replacing format for labels from
    docker_labels_LABEL1=VALUE1 to docker_labels=[LABEL1=VALUE1,LABEL2=VALUE2].
  • Process level metrics.
  • Uptime for hosts and processes.
  • Fields extraction and support in dashboards for docker daemon (setup
    host logs collection with collector).
  • New top-like dashboards allow to monitor Hosts/Containers/Processes in realtime.
  • Improved dashboards navigation.
  • Other bugs and improvements based on user feedback.
Version 1.0.3
Oct. 13, 2017

Updated links to official documentation on how to install collector.
Version 1.0.1
Sept. 23, 2017
  • App Certification
  • Fix layout, time/period synchronization between stat graphs
Version 1.0
Sept. 22, 2017

Initial release
Docker logs, metrics and events in one place
9,769
Downloads
Share Subscribe LOGIN TO DOWNLOAD
Version
Built by
Outcold Solutions LLC
Support
Developer Supported
Contact Developer Questions on Splunk Answers Flag as inappropriate
Compatibility
This version of the app (5.17.370) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.16.361) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.16.360) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.16.350) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.15.300) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.14.280) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.12.273) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.12.271) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.12.270) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.11.260) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.10.250) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.9.240) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.8.231) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.8.230) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.7.220) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.6.212) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.5.202) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.4.201) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.4.200) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.3.190) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.2.180) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.2.176) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.1.175) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (5.0.174) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (3.0.22) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (2.1.21) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (2.1.18) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (2.0.17) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (1.0.3) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (1.0.1) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
This version of the app (1.0) is not available for Splunk Cloud. However, version 5.21.410 of this app is available for Splunk Cloud.
Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise
Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.3, 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.2, 7.1, 7.0 Platform: Platform Independent Splunk Versions: 7.0 Platform: Platform Independent Splunk Versions: 7.0 Platform: Platform Independent Splunk Versions: 7.0 Platform: Platform Independent Splunk Versions: 7.0 Platform: Platform Independent Splunk Versions: 7.0 Platform: Platform Independent Platform: Platform Independent
Licensing
END-USER LICENSE AGREEMENT
Category & Contents
Categories: IT Operations, IoT & Industrial Data
App Type: App
Subscribe Share

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.

Submit New Splunk App Dev Resources
PLATFORM
Data-to-Everything Platform
Splunk Cloud
Splunk Enterprise
Splunk Machine Learning Toolkit
Splunk Data Stream Processor
Pricing
Free Trials & Downloads
SECURITY PRODUCTS
Splunk Enterprise Security
Splunk Phantom
Splunk Mission Control
Splunk User Behavior Analytics
IT OPERATIONS & OBSERVABILITY PRODUCTS
Splunk Infrastructure Monitoring
Splunk IT Service Intelligence
Splunk Application Performance Monitoring
Splunk On-Call
SOLUTIONS BY INITIATIVE
Cloud Transformation
SOLUTIONS BY FUNCTION
Security
IT
Devops
SOLUTIONS BY INDUSTRY
Aerospace & Defense
Communications
Energy & Utilities
Financial Services
Healthcare
Higher Education
Manufacturing
Nonprofits
Online Services
Public Sector
Retail
WHY SPLUNK?
Why Splunk?
Customer Stories
Partners
Data-to-Everything
Diversity & Inclusion
SUPPORT
Support Portal
Support Programs
Splunk Answers
Contact Us
Product Security Updates
RESOURCES
Events
Webinars
Blogs
Customer Success
Expert Services
Data Insider
View All Resources
FOR DEVELOPERS
Documentation
Best Practices
Get Started with Splunk
Training & Certification
User Groups
Community
Splunkbase
Splunk dev
COMPANY
About Splunk
Careers
Leadership
Splunk for Good
Splunk Ventures
Splunk Protects
Newsroom
COVID-19 Response
SPLUNK SITES
.conf
Splunk Live!
T-Shirt Store
Investor Relations
Follow Us:
© 2005-2024 Splunk Inc. All rights reserved.
Sitemap | Privacy | Website Terms of Use | Splunk Licensing Terms | Export Control | Modern Slavery Statement | Splunk Patents | Report a Problem
Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.