March 27th, 2008
Splunk for Virtualization
Posted by: erik
Topic: api, dev, platform, splunk, splunk base, tech
- Comment
- |
- Trackback
- |
- Permalink
- |
- Share This
- |
I’m looking for some help.
I’ve built a VMWare app for splunk and in the process of doing the same for Xen. These Apps use the VMWare and Xensource API’s to index everything about the VM environment. When combined with splunk instances running within the guest OS you get a very comprehensive historical picture. I’m curious are there any splunk customers out there using VMWare or Xen? I’m looking for usecases so that i better understand how to configure the apps. I’d be curious to know what types of information would be useful to capture and what types of searches would one want to perform. Both Xen and VMWare have so much data available that configuration could be complicated. I’m trying to narrow it down to several useful out of the box configurations. If your have any thoughts comment here or email me at erik at splunk dot com.
Thanks
e.
March 31st, 2008 at 1:16 pm
Interesting. I am not a splunk customer but I do use a lot of virtualization, mostly in the VMWare world.
I have been wanting to explore the APIs more closely. I would be interested in learning more about this VM for splunk apps.
April 23rd, 2008 at 7:16 am
I too work with virtualisation and mostly VMWare and would be interested in seeing what splunk could do with the data that could be extracted from the api/sdk , not got much experience programming so the api quite often feels a bit alien to me but I do have real worl experience of the kinds of things that people are interested in seeing reports or alerts on within their virtual environment and at the virtualisation layer.
April 25th, 2008 at 6:06 am
We have been using splunk on a 50gb vmware machine, and it has run flawlessly, well at least until we ran out of disk space. We are now in the process of upgrading to a larger machine.
April 30th, 2008 at 2:50 pm
I’m currently piloting a Splunk install on a virtual W2k3 server for a client .
I am also considering implementing this in my own office, where there are numerous vmware hosts and guests running at a given time, if I can work around the issue of the splunk install having slammed the door shut on my remote access (web and ssh both) to the linux machine I initially installed it on. ;)