首页 > 其他分享> > splunk收集collectd metric数据

splunk收集collectd metric数据

2022-01-05 21:35:45 作者：互联网

Splunk官方文档：https://docs.splunk.com/Documentation/Splunk/8.2.4/Metrics/GetMetricsInCollectd

在splunk web(http://192.168.126.128:8000/)中新建HEC token

在全局配置中确保已启用token功能：

新建token:

提交

返回token列表，可以看到token已创建：

在被监控主机上(192.168.126.129)安装collectd

[root@localhost ~]# yum -y install collectd

修改/etc/collectd.conf配置，根据自己的需求取消掉一些注释

LoadPlugin logfile
<Plugin logfile>
        LogLevel info
        File "/var/log/collectd.log"    #配置collectd自身的log，该文件会自动创建
        Timestamp true
        PrintSeverity false
</Plugin>

LoadPlugin cpu
<Plugin cpu>
  ReportByCpu true
  ReportByState true
  ValuesPercentage false
  ReportNumCpu false
  ReportGuestState false
  SubtractGuestState true
</Plugin>

LoadPlugin memory
<Plugin memory>
        ValuesAbsolute true
        ValuesPercentage true
</Plugin>

LoadPlugin network

LoadPlugin write_http
<Plugin write_http>
        <Node "test-node">
                URL "https://192.168.126.128:8088/services/collector/raw"       #https://192.168.126.128:8088为splunk中配置的http的信息
                VerifyPeer false
                VerifyHost false
                Header "Authorization: Splunk e183c136-a64b-42b1-bfd9-30cb3398f271"    #前面创建的token的值
                Format "JSON"
                Metrics true
                StoreRates true
        </Node>
</Plugin>

启动collectd

[root@localhost log]# systemctl start collectd
[root@localhost log]# ps -ef|grep collectd
root       5683      1  1 21:07 ?        00:00:00 /usr/sbin/collectd
root       5703   1377  0 21:07 pts/0    00:00:00 grep --color=auto collectd

查看collectd的log

[root@localhost log]# tail -f collectd.log
[2022-01-05 21:07:15] plugin_load: plugin "cpu" successfully loaded.
[2022-01-05 21:07:15] plugin_load: plugin "interface" successfully loaded.
[2022-01-05 21:07:15] plugin_load: plugin "load" successfully loaded.
[2022-01-05 21:07:15] plugin_load: plugin "memory" successfully loaded.
[2022-01-05 21:07:15] plugin_load: plugin "network" successfully loaded.
[2022-01-05 21:07:15] plugin_load: plugin "write_http" successfully loaded.
[2022-01-05 21:07:15] Systemd detected, trying to signal readyness.
[2022-01-05 21:07:15] Initialization complete, entering read-loop.

查看index中的metric数据(相关spl命令语法https://docs.splunk.com/Documentation/Splunk/8.2.4/SearchReference/Mstats)

case 1：查看collectd收集到了哪些metric

| mcatalog values(metric_name) WHERE index="test_collectd_index"

case 2：查看某个指标的统计值

| mstats avg(cpu.idle.value) max(memory.cached.value) where index=test_collectd_index

这样就简单地实现了collectd收集metric数据的通路，具体如何使用这些数据要结合生产时间中的需求。

标签：01,15,07,plugin,metric,collectd,splunk,21
来源： https://blog.csdn.net/QYHuiiQ/article/details/122311668