Instana Blog

Date: November 3, 2019

Maximizing the Value of Splunk with Instana

Coding and logging are naturally related. Nearly everyone starts by printing ‘Hello World!’ to the console. But your code is not the only thing that writes out log messages. The entire tech stack, including the operating system and every other piece of software, also writes out log messages. There’s a mature market of tools that ship, aggregate, and index logs. Instana is proud to now fully support the market leader, Splunk.

Where Splunk fits

Instana enables automatic code observability with our AutoTrace™ technology for most language runtimes across many platforms. AutoTrace™ automatically captures log messages that are at ‘WARN’ or higher. The log messages are then indexed and easily searchable, taking you directly to the traces that contain the log message.

Word Image 108

While this capability covers several use cases, there are a few others that can be addressed. It is important to remember that every program produces logs, with many of them being written in C/C++ which makes them difficult to be automatically observable. Also, when debugging a tricky issue it can be beneficial to gather additional information from log messages even if they’re below the ‘WARN’ level.

These areas are where log aggregation technologies like Splunk show their value. With Splunk, all of your logs are in one place, fully indexed, and searchable. Instana links directly to the matching log entries. The fields from the log files are extracted and indexed making it easy to click into specific log entries based on fields such as: Docker container identifier, host name, and Kubernetes Pod identifier from the Instana UI.

Splunk integration in action

To create screenshots of this integration we used Kubernetes on GKE with Stan’s Robot Shop (a sample microservice application) deployed along with Fluentd using the Splunk HTTP Event Collector (HEC) shipper sending logs to Splunk.

Word Image 109

This Instana dashboard shows the details of a Kubernetes (K8s) Pod and, because a logging integration has been configured, there is an additional dropdown to quickly navigate to the matching log entries. Most users would only configure one logging integration, but for the purposes of these screenshots two integrations have been configured.

Word Image 110

When clicking into the logs, the logging dashboard opens in a new tab on your browser. The search term is pre populated with context and the time range that matches the Instana dashboard you were viewing when you clicked through. In this screenshot you can see that there are additional ‘INFO’ level messages that could potentially be useful to identify why your code is not doing what you think it should be.

Best of breed

Instana is the best of breed solution for monitoring cloud-native, containerized microservice applications. Instana is focused on the challenges presented by these complex, highly dynamic environments, rather than trying to be a Jack of all trades. By integrating with other best of breed solutions for log aggregation, Instana gives you the freedom to choose the solutions that best cover all of your unique use cases.

14 days, no credit card, full version

Free Trial

Sign up for our blog updates!
|
Category: Announcement, Featured, Product
CRI-O is a Cloud Native Computing Foundation incubating project. According to their website, “CRI-O is an implementation of the Kubernetes...
|
Category: Announcement, Featured, Product
Kubernetes (K8s) is an open source project that was originally created by Google. It was designed to help organizations automate...
|
Category: Announcement, Developer, Featured, Product
Logging is a natural part of coding. Who did not start with printing “Hello World” back to the console? It's...

Start your FREE TRIAL today!

Free Trial

About Instana

As the leading provider of Automatic Application Performance Monitoring (APM) solutions for microservices, Instana has developed the automatic monitoring and AI-based analysis DevOps needs to manage the performance of modern applications. Instana is the only APM solution that automatically discovers, maps and visualizes microservice applications without continuous additional engineering. Customers using Instana achieve operational excellence and deliver better software faster. Visit https://www.instana.com to learn more.