目录
输入和输出集成概述
此插件可以通过 Stackdriver Monitoring API 从 Google Cloud 服务收集监控数据。它旨在通过收集相关指标,帮助用户监控其云基础设施的性能和健康状况。
此输出插件有助于将 Telegraf 收集的指标通过 HTTP 事件收集器直接流式传输到 Splunk 中,从而实现与 Splunk 强大的分析平台的轻松集成。
集成详情
Google Cloud Stackdriver
Stackdriver Telegraf 插件允许用户使用 Cloud Monitoring API v3 从 Google Cloud Monitoring 查询时序数据。借助此插件,用户可以轻松地将 Google Cloud 监控指标集成到其监控堆栈中。此 API 提供了关于在 Google Cloud 中运行的资源和应用程序的大量见解,包括性能、正常运行时间和运营指标。该插件支持各种配置选项来过滤和优化检索到的数据,使用户可以根据其特定需求自定义其监控设置。此集成有助于更顺畅地维护云资源的健康和性能,并协助团队根据历史和当前性能统计数据做出数据驱动的决策。
Splunk
使用 Telegraf 可以轻松地从许多不同来源收集和聚合指标,并将它们发送到 Splunk。通过使用 HTTP 输出插件并结合专门的 Splunk 指标序列化器,此配置可确保高效地将数据摄取到 Splunk 的指标索引中。HEC 是 Splunk 提供的一种高级机制,旨在通过 HTTP 或 HTTPS 可靠地大规模收集数据,为安全性、监控和分析工作负载提供关键功能。Telegraf 与 Splunk HEC 的集成通过利用标准 HTTP 协议、内置身份验证和结构化数据序列化来简化操作,优化指标摄取并实现即时可操作的见解。
配置
Google Cloud Stackdriver
[[inputs.stackdriver]]
## GCP Project
project = "erudite-bloom-151019"
## Include timeseries that start with the given metric type.
metric_type_prefix_include = [
"compute.googleapis.com/",
]
## Exclude timeseries that start with the given metric type.
# metric_type_prefix_exclude = []
## Most metrics are updated no more than once per minute; it is recommended
## to override the agent level interval with a value of 1m or greater.
interval = "1m"
## Maximum number of API calls to make per second. The quota for accounts
## varies, it can be viewed on the API dashboard:
## https://cloud.google.com/monitoring/quotas#quotas_and_limits
# rate_limit = 14
## The delay and window options control the number of points selected on
## each gather. When set, metrics are gathered between:
## start: now() - delay - window
## end: now() - delay
#
## Collection delay; if set too low metrics may not yet be available.
# delay = "5m"
#
## If unset, the window will start at 1m and be updated dynamically to span
## the time between calls (approximately the length of the plugin interval).
# window = "1m"
## TTL for cached list of metric types. This is the maximum amount of time
## it may take to discover new metrics.
# cache_ttl = "1h"
## If true, raw bucket counts are collected for distribution value types.
## For a more lightweight collection, you may wish to disable and use
## distribution_aggregation_aligners instead.
# gather_raw_distribution_buckets = true
## Aggregate functions to be used for metrics whose value type is
## distribution. These aggregate values are recorded in in addition to raw
## bucket counts; if they are enabled.
##
## For a list of aligner strings see:
## https://cloud.google.com/monitoring/api/ref_v3/rpc/google.monitoring.v3#aligner
# distribution_aggregation_aligners = [
# "ALIGN_PERCENTILE_99",
# "ALIGN_PERCENTILE_95",
# "ALIGN_PERCENTILE_50",
# ]
## Filters can be added to reduce the number of time series matched. All
## functions are supported: starts_with, ends_with, has_substring, and
## one_of. Only the '=' operator is supported.
##
## The logical operators when combining filters are defined statically using
## the following values:
## filter ::= {AND AND AND }
## resource_labels ::= {OR }
## metric_labels ::= {OR }
## user_labels ::= {OR }
## system_labels ::= {OR }
##
## For more details, see https://cloud.google.com/monitoring/api/v3/filters
#
## Resource labels refine the time series selection with the following expression:
## resource.labels. =
# [[inputs.stackdriver.filter.resource_labels]]
# key = "instance_name"
# value = 'starts_with("localhost")'
#
## Metric labels refine the time series selection with the following expression:
## metric.labels. =
# [[inputs.stackdriver.filter.metric_labels]]
# key = "device_name"
# value = 'one_of("sda", "sdb")'
#
## User labels refine the time series selection with the following expression:
## metadata.user_labels."" =
# [[inputs.stackdriver.filter.user_labels]]
# key = "environment"
# value = 'one_of("prod", "staging")'
#
## System labels refine the time series selection with the following expression:
## metadata.system_labels."" =
# [[inputs.stackdriver.filter.system_labels]]
# key = "machine_type"
# value = 'starts_with("e2-")'
</code></pre>
Splunk
[[outputs.http]]
## Splunk HTTP Event Collector endpoint
url = "https://splunk.example.com:8088/services/collector"
## HTTP method to use
method = "POST"
## Splunk authentication token
headers = {"Authorization" = "Splunk YOUR_SPLUNK_HEC_TOKEN"}
## Serializer for formatting metrics specifically for Splunk
data_format = "splunkmetric"
## Optional parameters
# timeout = "5s"
# insecure_skip_verify = false
# tls_ca = "/path/to/ca.pem"
# tls_cert = "/path/to/cert.pem"
# tls_key = "/path/to/key.pem"输入和输出集成示例
Google Cloud Stackdriver
-
将云指标集成到自定义仪表板中:借助此插件,团队可以将来自 Google Cloud 的指标导入个性化仪表板,从而实现对应用程序性能和资源利用率的实时监控。通过自定义云指标的可视化表示,运营团队可以轻松识别趋势和异常,从而在问题升级之前进行主动管理。
-
自动化警报和分析:用户可以设置自动化警报机制,利用插件的指标来跟踪资源阈值。此功能使团队能够通过提供即时通知,对性能下降或中断做出快速反应,从而缩短平均恢复时间并确保持续的运营效率。
-
跨平台资源比较:该插件可用于从各种 Google Cloud 服务中提取指标,并将它们与本地资源进行比较。这种跨平台可见性有助于组织就资源分配和扩展策略做出明智的决策,并优化云支出与本地基础设施。
-
用于容量规划的历史数据分析:通过长期收集历史指标,该插件使团队能够进行彻底的容量规划。了解过去的性能趋势有助于准确预测资源需求,从而实现更好的预算和投资策略。
Splunk
-
实时安全分析:利用此插件将来自各种应用程序的安全相关指标实时流式传输到 Splunk 中。组织可以通过关联跨系统的数据流立即检测到威胁,从而显着缩短检测和响应时间。
-
多云基础设施监控:集成 Telegraf 以将来自多云环境的指标直接整合到 Splunk 中,从而实现全面的可见性和运营情报。这种统一的监控使团队能够快速检测性能问题并简化云资源管理。
-
动态容量规划:部署此插件以将来自容器编排平台(如 Kubernetes)的资源指标持续推送到 Splunk 中。通过利用 Splunk 的分析功能,团队可以自动化预测性扩展和资源分配,避免资源瓶颈并最大限度地降低成本。
-
自动化事件响应工作流程:将此插件与 Splunk 的警报系统结合使用,以创建自动化事件响应工作流程。Telegraf 收集的指标触发实时警报和自动化修复脚本,从而确保快速解决问题并保持高系统可用性。
反馈
感谢您成为我们社区的一份子!如果您有任何一般性反馈或在这些页面上发现了任何错误,我们欢迎并鼓励您提供意见。请在 InfluxDB 社区 Slack 中提交您的反馈。
