Cloud customer?
Start for Free >
Upgrade in MyJFrog >
What's New in Cloud >





Working with an older version? JFrog Artifactory 6.x | JFrog Xray 2.x | JFrog Mission Control 3.x | JFrog Distribution 1.x |


Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 15 Next »

Overview

JFrog supports integration with Splunk for log analytics and real-time observability. With this integration, you can monitor the entire operation of your JFrog Platform. 

Prerequisites

To enable Splunk to receive the unified log data, you will need to set up the HTTP Event Collector (HEC) in your Splunk deployment. You can configure HEC in Splunk Enterprise.


JFrog Subscription Levels

SELF-HOSTED

PRO 
PRO X
ENTERPRISE
ENTERPRISE+

Available for all JFrog Self-Hosted subscription levels

Page contents

Setting Up Fluentd for Splunk

To set up Fluentd for Splunk, perform the following steps:

  1. Install Fluentd logging agent on each JPD node, as shown in the Fluentd installation guide, for tailing the various JPD log files for new log lines to parse into fields.
  2. Configure the installed Fluentd agent as per the configuration that matches the JFrog application running in the node, provided in JFrog log analytics Github repo.

Viewing JFrog Log Data in Splunk

Forward the aggregated log data available through Fluentd to Splunk for searching, analyzing and visualizing the data. The JFrog Logs app for Splunk is available in Splunkbase. Download and install the app to connect the JFrog Platform log data to your existing Splunk account. Restart the Splunk instance after the app is installed from the Splunkbase. The app helps process extracted logs for the JFrog Platform and includes a diagnostic dashboard view for Artifactory and Xray.

Once the app is installed, the JFrog Logs dashboard presents timeline and count data for the following key operating metrics:

  • Log volumes, which can be filtered by type
  • Service errors
  • HTTP response codes
  • Accessed image
  • Accessed repositories
  • Data transfers in GB for uploads/downloads
  • Top 10 IPs for upload/download
  • Audit actions by username
  • Denied actions and logins by IP and username
  • Accepted deploys by username

If you need more, you can use the unified data to build your own custom dashboard widgets in Splunk, to gain the operating insights you need. For more detailed instructions on the Splunk integration refer to the JFrog github project.

  • No labels
Copyright © 2022 JFrog Ltd.