Splunk Modular Inputs
Damien Dallimore
Developer Evangelist
Copyright © 2013, Splunk Inc.
Modular Inputs
• Extend the Splunk framework to define a custom input capability, just like the standard inputs you
are familiar with (TCP/UDP/File etc…)
• Splunk treats your custom input definitions as if they were part of Splunk's native inputs, totally
integrated first class citizen objects in Splunk
• Users interactively create and update your custom inputs using Splunk Manager, just as they do for
native inputs. When deploying without a UI, you push out the inputs.conf file.
• All the properties are fully manageable via the REST API
• Version 5.0 +
What about scripted inputs?
• Very loosely coupled to Splunk
• No standard configuration/schema framework
• No standard validation framework
• No standard lifecycle management
• Need to use “hacks” to keep them running persistently
• Not really integrated with the REST API
• Logging not integrated with standard Splunk logs
BUT
• Their simplicity and loose coupling make them very rapid to develop
• Choose the right tool for the job
Diagram of Mod Input lifecycle
[Diagram: exchanges between SplunkD and the Mod Input: Init / Request Scheme; Return Scheme (XML); External Validate (XML); Confirm Validation (validation code & error msg); Execute (XML); Stream Results (Text / XML). Logging goes to $SPLUNK_HOME/var/log/splunk/splunkd.log.]
Scheme XML
Input XML
$SPLUNK_HOME/bin/splunk cmd splunkd print-modinput-config myscheme mystanza
Manage Mod Inputs via REST API
A few other technical features
• Validation
    • External mode or via REST create/edit
• Run Mode
    • Single or multiple instance
• Checkpoint directory
    • So your modular input can maintain state
• Streaming Mode
    • Text or XML
    • XML streaming has more syntactic sugar for metadata, event breaking
• Architecture specific scripts
    • Splunk automagically chooses the correct runtime script.
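The lifecycle and features on these slides (scheme request, external validation, execution with XML streaming, checkpoint directory) fit in one script, sketched here as an added example that is not code from the presentation or from Splunk. `myscheme` is the name used on the Input XML slide; the `port` argument, the event text and the hashed checkpoint file name are assumptions made for illustration.

```python
import hashlib
import os
import re
import sys
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape, quoteattr

# "myscheme" is the scheme name from the slide; the "port" argument is hypothetical.
SCHEME = """<scheme>
  <title>myscheme</title>
  <description>Constructed example input</description>
  <use_external_validation>true</use_external_validation>
  <streaming_mode>xml</streaming_mode>
  <use_single_instance>false</use_single_instance>
  <endpoint>
    <args>
      <arg name="name"><title>Input name</title></arg>
      <arg name="port"><title>Port to poll</title></arg>
    </args>
  </endpoint>
</scheme>"""


def parse_stanzas(xml_text):
    """Return (checkpoint_dir, {stanza: params}) from validation or run XML on stdin.

    The session_key element is deliberately not returned, so it cannot end up
    in events or log lines by accident.
    """
    root = ET.fromstring(xml_text)
    # Validation XML: <items>/<item>; run XML: <input>/<configuration>/<stanza>.
    nodes = root.findall("item") + root.findall("configuration/stanza")
    stanzas = {
        node.get("name"): {p.get("name"): (p.text or "") for p in node.findall("param")}
        for node in nodes
    }
    return root.findtext("checkpoint_dir", default=""), stanzas


def validate(params):
    """Return an error message for unacceptable arguments, or None."""
    port = params.get("port", "")
    if not re.fullmatch(r"[0-9]{1,5}", port) or not 1 <= int(port) <= 65535:
        return "port must be an integer between 1 and 65535"
    return None


def checkpoint_path(checkpoint_dir, stanza):
    """Hash the stanza name: it holds '://' and user text, unsafe as a file name."""
    return os.path.join(checkpoint_dir, hashlib.sha256(stanza.encode()).hexdigest())


def event_xml(stanza, data):
    """One XML-mode event; escaping stops collected data from breaking the stream."""
    return "<event stanza=%s><data>%s</data></event>" % (quoteattr(stanza), escape(data))


def run(xml_text, out):
    """Execute step: emit one event per stanza and advance its checkpoint counter."""
    checkpoint_dir, stanzas = parse_stanzas(xml_text)
    out.write("<stream>")
    for stanza, params in stanzas.items():
        path = checkpoint_path(checkpoint_dir, stanza)
        seq = 0
        if os.path.exists(path):
            with open(path) as fh:
                seq = int(fh.read().strip() or 0)
        seq += 1
        out.write(event_xml(stanza, "seq=%d port=%s" % (seq, params.get("port", ""))))
        with open(path, "w") as fh:
            fh.write(str(seq))
    out.write("</stream>")


def main(argv, stdin, stdout):
    """Dispatch on the argument splunkd passes for each lifecycle step."""
    if argv[1:] == ["--scheme"]:
        stdout.write(SCHEME)
        return 0
    if argv[1:] == ["--validate-arguments"]:
        _, stanzas = parse_stanzas(stdin.read())
        for params in stanzas.values():
            error = validate(params)
            if error:
                # Non-zero exit plus <error><message> reports the failure to splunkd.
                stdout.write("<error><message>%s</message></error>" % escape(error))
                return 1
        return 0
    run(stdin.read(), stdout)
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv, sys.stdin, sys.stdout))
```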
How are Mod Inputs going to help us
• We need to make it as easy as possible to develop modular inputs, frameworks and tools
• Sometimes the greatest battle is just getting the data in; modular inputs are a great tool in our
armory.
• Bundle Modular Inputs in with the core product (DB, JMX, SNMP, JMS etc…)
• We need to make it easy to search for, install and configure these “data connectors”
Developing
• My preference is to use Python, however any language can be used.
• http://docs.splunk.com/Documentation/Splunk/latest/AdvancedDev/ModInputsIntro
• There is a certain amount of “plumbing” to put in place, so I like utilities that take care of this for
you, so you can just focus on the business logic.
• I created utilities to allow developers to rapidly create Modular Inputs in Java and Python
• https://github.com/damiendallimore/SplunkModularInputsJavaFramework
• https://github.com/damiendallimore/SplunkModularInputsPythonFramework
• HelloWorld examples to get you started
• Java -> JMS Messaging Modular Input , on Splunkbase
• Python -> SNMP Modular Input , soon to be released
Mod Inputs on Splunkbase
Messaging
• Message Oriented Middleware (MOM) infrastructures facilitate the sending/receiving of
messages between distributed systems
• Topics (publish/subscribe) and Queues (point to point)
• The glue that stitches heterogeneous enterprise computing environments together
• Represents a massive source of machine data that can be fed into Splunk to derive operational
visibility into your messaging environment and the various systems and applications that are
communicating via MOM
Building a Splunk Messaging Solution
• There has been considerable demand for functionality in Splunk to index messages
from queues/topics
• Ad hoc, proprietary, roll your own solutions were the only way
• I wanted to develop an integrated mechanism to allow Splunk users to connect to
their MOM and index their messages
• Modular Inputs provided the perfect platform to build a messaging solution
JMS Messaging Modular Input
• JMS is simply a messaging interface that abstracts your underlying MOM provider
implementation
• Most MOM vendors support JMS
• So this allowed for creating a single modular input that can index messages from:
• MQ Series / Websphere MQ
• Tibco EMS
• ActiveMQ
• HornetQ
• RabbitMQ
• SonicMQ
• JBoss Messaging
• Weblogic JMS
• Native JMS
• StormMQ
• MSMQ (with a bit of stuffing around)
• Etc…
• Simple to install : download from Splunkbase, drop in your apps directory, restart Splunk
Key Features
• Known to work with all aforementioned Messaging platforms
• Should work against any MOM platform with a JMS provider
• Runs on all supported Splunk platforms
• Consume messages from Topics and Queues
• Browse Queues (if you don’t want to consume the messages) and just Splunk
queue stats
• Message header, properties and body indexed in Splunk as simple key/value
pairs
• Can plug in your own message handler if you require customized processing of
the message body
• Authentication and SSL support
• Scales horizontally if you require large volume message consumption
JMS input fully integrated into Splunk
Add a new queue/topic input
Configure the properties to connect
Get instant operational visibility
Demos
JMS (ActiveMQ, Websphere MQ)
SNMP
Contact me
Email : ddallimore@splunk.com
Twitter : @damiendallimore
Skype : damien.dallimore
Github : damiendallimore
Splunkbase : damiend
Slideshare : http://www.slideshare.net/damiendallimore
Blogs : http://blogs.splunk.com/dev
Web : http://dev.splunk.com

Más contenido relacionado

La actualidad más candente

Apache Zeppelin + Livy: Bringing Multi Tenancy to Interactive Data Analysis
Apache Zeppelin + Livy: Bringing Multi Tenancy to Interactive Data AnalysisApache Zeppelin + Livy: Bringing Multi Tenancy to Interactive Data Analysis
Apache Zeppelin + Livy: Bringing Multi Tenancy to Interactive Data AnalysisDataWorks Summit/Hadoop Summit
 
Splunk for net developers
Splunk for net developersSplunk for net developers
Splunk for net developersGlenn Block
 
Dynatrace - Red Hat workshop : Monolith to Microservices
Dynatrace - Red Hat workshop : Monolith to MicroservicesDynatrace - Red Hat workshop : Monolith to Microservices
Dynatrace - Red Hat workshop : Monolith to MicroservicesSteve Caron
 
Developing Url Shortener With Dynamic Behaviour Using AWS Lambda
Developing Url Shortener With Dynamic Behaviour Using AWS LambdaDeveloping Url Shortener With Dynamic Behaviour Using AWS Lambda
Developing Url Shortener With Dynamic Behaviour Using AWS Lambdamitesh_sharma
 
Alfresco DevCon 2018: SDK 3 Multi Module project using Nexus 3 for releases a...
Alfresco DevCon 2018: SDK 3 Multi Module project using Nexus 3 for releases a...Alfresco DevCon 2018: SDK 3 Multi Module project using Nexus 3 for releases a...
Alfresco DevCon 2018: SDK 3 Multi Module project using Nexus 3 for releases a...Martin Bergljung
 
OpenShift for Java EE Developers
OpenShift for Java EE DevelopersOpenShift for Java EE Developers
OpenShift for Java EE DevelopersMarkus Eisele
 
Extending the Enterprise with MEF
Extending the Enterprise with MEFExtending the Enterprise with MEF
Extending the Enterprise with MEFBrian Ritchie
 
Livy: A REST Web Service For Apache Spark
Livy: A REST Web Service For Apache SparkLivy: A REST Web Service For Apache Spark
Livy: A REST Web Service For Apache SparkJen Aman
 
Apereo OAE - Architectural overview
Apereo OAE - Architectural overviewApereo OAE - Architectural overview
Apereo OAE - Architectural overviewNicolaas Matthijs
 
A practical introduction to observability
A practical introduction to observabilityA practical introduction to observability
A practical introduction to observabilityNikolay Stoitsev
 
OSMC 2021 || Open Source Application Performance Monitoring in the Enterprise
OSMC 2021 || Open Source Application Performance Monitoring in the EnterpriseOSMC 2021 || Open Source Application Performance Monitoring in the Enterprise
OSMC 2021 || Open Source Application Performance Monitoring in the EnterpriseNETWAYS
 
Microservice With Spring Boot and Spring Cloud
Microservice With Spring Boot and Spring CloudMicroservice With Spring Boot and Spring Cloud
Microservice With Spring Boot and Spring CloudEberhard Wolff
 
EJB 3.2 - Java EE 7 - Java One Hyderabad 2012
EJB 3.2 - Java EE 7 - Java One Hyderabad 2012EJB 3.2 - Java EE 7 - Java One Hyderabad 2012
EJB 3.2 - Java EE 7 - Java One Hyderabad 2012Jagadish Prasath
 
Spark Summit Europe: Building a REST Job Server for interactive Spark as a se...
Spark Summit Europe: Building a REST Job Server for interactive Spark as a se...Spark Summit Europe: Building a REST Job Server for interactive Spark as a se...
Spark Summit Europe: Building a REST Job Server for interactive Spark as a se...gethue
 
Open source identity management 20121106 - apache con eu
Open source identity management   20121106 - apache con euOpen source identity management   20121106 - apache con eu
Open source identity management 20121106 - apache con euFrancesco Chicchiriccò
 
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin BostPulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin BostStreamNative
 
Kafka Needs No Keeper
Kafka Needs No KeeperKafka Needs No Keeper
Kafka Needs No KeeperC4Media
 
Stream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar FunctionsStream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar FunctionsStreamlio
 

La actualidad más candente (20)

Splunk for JMX
Splunk for JMXSplunk for JMX
Splunk for JMX
 
Apache Zeppelin + Livy: Bringing Multi Tenancy to Interactive Data Analysis
Apache Zeppelin + Livy: Bringing Multi Tenancy to Interactive Data AnalysisApache Zeppelin + Livy: Bringing Multi Tenancy to Interactive Data Analysis
Apache Zeppelin + Livy: Bringing Multi Tenancy to Interactive Data Analysis
 
Splunk for net developers
Splunk for net developersSplunk for net developers
Splunk for net developers
 
Dynatrace - Red Hat workshop : Monolith to Microservices
Dynatrace - Red Hat workshop : Monolith to MicroservicesDynatrace - Red Hat workshop : Monolith to Microservices
Dynatrace - Red Hat workshop : Monolith to Microservices
 
Developing Url Shortener With Dynamic Behaviour Using AWS Lambda
Developing Url Shortener With Dynamic Behaviour Using AWS LambdaDeveloping Url Shortener With Dynamic Behaviour Using AWS Lambda
Developing Url Shortener With Dynamic Behaviour Using AWS Lambda
 
Alfresco DevCon 2018: SDK 3 Multi Module project using Nexus 3 for releases a...
Alfresco DevCon 2018: SDK 3 Multi Module project using Nexus 3 for releases a...Alfresco DevCon 2018: SDK 3 Multi Module project using Nexus 3 for releases a...
Alfresco DevCon 2018: SDK 3 Multi Module project using Nexus 3 for releases a...
 
OpenShift for Java EE Developers
OpenShift for Java EE DevelopersOpenShift for Java EE Developers
OpenShift for Java EE Developers
 
Extending the Enterprise with MEF
Extending the Enterprise with MEFExtending the Enterprise with MEF
Extending the Enterprise with MEF
 
Livy: A REST Web Service For Apache Spark
Livy: A REST Web Service For Apache SparkLivy: A REST Web Service For Apache Spark
Livy: A REST Web Service For Apache Spark
 
Apereo OAE - Architectural overview
Apereo OAE - Architectural overviewApereo OAE - Architectural overview
Apereo OAE - Architectural overview
 
A practical introduction to observability
A practical introduction to observabilityA practical introduction to observability
A practical introduction to observability
 
OSMC 2021 || Open Source Application Performance Monitoring in the Enterprise
OSMC 2021 || Open Source Application Performance Monitoring in the EnterpriseOSMC 2021 || Open Source Application Performance Monitoring in the Enterprise
OSMC 2021 || Open Source Application Performance Monitoring in the Enterprise
 
Microservice With Spring Boot and Spring Cloud
Microservice With Spring Boot and Spring CloudMicroservice With Spring Boot and Spring Cloud
Microservice With Spring Boot and Spring Cloud
 
EF Core (RC2)
EF Core (RC2)EF Core (RC2)
EF Core (RC2)
 
EJB 3.2 - Java EE 7 - Java One Hyderabad 2012
EJB 3.2 - Java EE 7 - Java One Hyderabad 2012EJB 3.2 - Java EE 7 - Java One Hyderabad 2012
EJB 3.2 - Java EE 7 - Java One Hyderabad 2012
 
Spark Summit Europe: Building a REST Job Server for interactive Spark as a se...
Spark Summit Europe: Building a REST Job Server for interactive Spark as a se...Spark Summit Europe: Building a REST Job Server for interactive Spark as a se...
Spark Summit Europe: Building a REST Job Server for interactive Spark as a se...
 
Open source identity management 20121106 - apache con eu
Open source identity management   20121106 - apache con euOpen source identity management   20121106 - apache con eu
Open source identity management 20121106 - apache con eu
 
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin BostPulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
 
Kafka Needs No Keeper
Kafka Needs No KeeperKafka Needs No Keeper
Kafka Needs No Keeper
 
Stream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar FunctionsStream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar Functions
 

Similar a Splunk Modular Inputs / JMS Messaging Module Input

Top 10 dev ops tools (1)
Top 10 dev ops tools (1)Top 10 dev ops tools (1)
Top 10 dev ops tools (1)yalini97
 
Mulesoft meetup 9thmay Thiruvananthapuram
Mulesoft meetup 9thmay ThiruvananthapuramMulesoft meetup 9thmay Thiruvananthapuram
Mulesoft meetup 9thmay ThiruvananthapuramAnurag Dwivedi
 
IoT Studio #1: Protocols introduction and connected jukebox
IoT Studio #1: Protocols introduction and connected jukeboxIoT Studio #1: Protocols introduction and connected jukebox
IoT Studio #1: Protocols introduction and connected jukeboxMickaël Rémond
 
Introduction to Python Programming
Introduction to Python ProgrammingIntroduction to Python Programming
Introduction to Python ProgrammingAkhil Kaushik
 
Big analytics meetup - Extended Jupyter Kernel Gateway
Big analytics meetup - Extended Jupyter Kernel GatewayBig analytics meetup - Extended Jupyter Kernel Gateway
Big analytics meetup - Extended Jupyter Kernel GatewayLuciano Resende
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Adam Dunkels
 
BP214 IBM Lotus Symphony : Finally, A Developer's Friend
BP214 IBM Lotus Symphony : Finally, A Developer's FriendBP214 IBM Lotus Symphony : Finally, A Developer's Friend
BP214 IBM Lotus Symphony : Finally, A Developer's FriendJohn Head
 
An Introduction to the Model-View-Controller Pattern
An Introduction to the Model-View-Controller PatternAn Introduction to the Model-View-Controller Pattern
An Introduction to the Model-View-Controller PatternTeamstudio
 
XPages: No Experience Needed
XPages: No Experience NeededXPages: No Experience Needed
XPages: No Experience NeededKathy Brown
 
MWLUG 2015 - IBM Connections - Installing the Free "Extras" and Integrating w...
MWLUG 2015 - IBM Connections - Installing the Free "Extras" and Integrating w...MWLUG 2015 - IBM Connections - Installing the Free "Extras" and Integrating w...
MWLUG 2015 - IBM Connections - Installing the Free "Extras" and Integrating w...Victor Toal
 
Docker at and with SignalFx
Docker at and with SignalFxDocker at and with SignalFx
Docker at and with SignalFxSignalFx
 
Writing Services with ZF2
Writing Services with ZF2Writing Services with ZF2
Writing Services with ZF2Mike Willbanks
 

Similar a Splunk Modular Inputs / JMS Messaging Module Input (20)

Stackato v5
Stackato v5Stackato v5
Stackato v5
 
Top 10 dev ops tools (1)
Top 10 dev ops tools (1)Top 10 dev ops tools (1)
Top 10 dev ops tools (1)
 
Mulesoft meetup 9thmay Thiruvananthapuram
Mulesoft meetup 9thmay ThiruvananthapuramMulesoft meetup 9thmay Thiruvananthapuram
Mulesoft meetup 9thmay Thiruvananthapuram
 
IoT Studio #1: Protocols introduction and connected jukebox
IoT Studio #1: Protocols introduction and connected jukeboxIoT Studio #1: Protocols introduction and connected jukebox
IoT Studio #1: Protocols introduction and connected jukebox
 
Stackato v6
Stackato v6Stackato v6
Stackato v6
 
The Java Story
The Java StoryThe Java Story
The Java Story
 
Stackato
StackatoStackato
Stackato
 
Introduction to Python Programming
Introduction to Python ProgrammingIntroduction to Python Programming
Introduction to Python Programming
 
Big analytics meetup - Extended Jupyter Kernel Gateway
Big analytics meetup - Extended Jupyter Kernel GatewayBig analytics meetup - Extended Jupyter Kernel Gateway
Big analytics meetup - Extended Jupyter Kernel Gateway
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
 
Stackato v4
Stackato v4Stackato v4
Stackato v4
 
BP214 IBM Lotus Symphony : Finally, A Developer's Friend
BP214 IBM Lotus Symphony : Finally, A Developer's FriendBP214 IBM Lotus Symphony : Finally, A Developer's Friend
BP214 IBM Lotus Symphony : Finally, A Developer's Friend
 
Fsoss 2010 en
Fsoss 2010 enFsoss 2010 en
Fsoss 2010 en
 
Docker {at,with} SignalFx
Docker {at,with} SignalFxDocker {at,with} SignalFx
Docker {at,with} SignalFx
 
An Introduction to the Model-View-Controller Pattern
An Introduction to the Model-View-Controller PatternAn Introduction to the Model-View-Controller Pattern
An Introduction to the Model-View-Controller Pattern
 
Cracow MuleSoft Meetup #1
Cracow MuleSoft Meetup #1Cracow MuleSoft Meetup #1
Cracow MuleSoft Meetup #1
 
XPages: No Experience Needed
XPages: No Experience NeededXPages: No Experience Needed
XPages: No Experience Needed
 
MWLUG 2015 - IBM Connections - Installing the Free "Extras" and Integrating w...
MWLUG 2015 - IBM Connections - Installing the Free "Extras" and Integrating w...MWLUG 2015 - IBM Connections - Installing the Free "Extras" and Integrating w...
MWLUG 2015 - IBM Connections - Installing the Free "Extras" and Integrating w...
 
Docker at and with SignalFx
Docker at and with SignalFxDocker at and with SignalFx
Docker at and with SignalFx
 
Writing Services with ZF2
Writing Services with ZF2Writing Services with ZF2
Writing Services with ZF2
 

Más de Damien Dallimore

QCon London 2015 - Wrangling Data at the IOT Rodeo
QCon London 2015 - Wrangling Data at the IOT RodeoQCon London 2015 - Wrangling Data at the IOT Rodeo
QCon London 2015 - Wrangling Data at the IOT RodeoDamien Dallimore
 
SpringOne2GX 2014 Splunk Presentation
SpringOne2GX 2014 Splunk PresentationSpringOne2GX 2014 Splunk Presentation
SpringOne2GX 2014 Splunk PresentationDamien Dallimore
 
Splunk as a_big_data_platform_for_developers_spring_one2gx
Splunk as a_big_data_platform_for_developers_spring_one2gxSplunk as a_big_data_platform_for_developers_spring_one2gx
Splunk as a_big_data_platform_for_developers_spring_one2gxDamien Dallimore
 

Más de Damien Dallimore (6)

QCon London 2015 - Wrangling Data at the IOT Rodeo
QCon London 2015 - Wrangling Data at the IOT RodeoQCon London 2015 - Wrangling Data at the IOT Rodeo
QCon London 2015 - Wrangling Data at the IOT Rodeo
 
SpringOne2GX 2014 Splunk Presentation
SpringOne2GX 2014 Splunk PresentationSpringOne2GX 2014 Splunk Presentation
SpringOne2GX 2014 Splunk Presentation
 
A Brief History Of Data
A Brief History Of DataA Brief History Of Data
A Brief History Of Data
 
Spring Integration Splunk
Spring Integration SplunkSpring Integration Splunk
Spring Integration Splunk
 
Splunk Java Agent
Splunk Java AgentSplunk Java Agent
Splunk Java Agent
 
Splunk as a_big_data_platform_for_developers_spring_one2gx
Splunk as a_big_data_platform_for_developers_spring_one2gxSplunk as a_big_data_platform_for_developers_spring_one2gx
Splunk as a_big_data_platform_for_developers_spring_one2gx
 

Último

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Último (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Splunk Modular Inputs / JMS Messaging Module Input

  • 1. Splunk Modular Inputs Damien Dallimore Developer Evangelist
  • 2. Copyright©2013,SplunkInc. Modular Inputs 2 • Extend the Splunk framework to define a custom input capability, just like the standard inputs you are familiar with (TCP/UDP/File etc…) • Splunk treats your custom input definitions as if they were part of Splunk's native inputs, totally integrated first class citizen objects in Splunk • Users interactively create and update your custom inputs using Splunk manager, just as they do for native inputs. When deploying without a UI , you push out the inputs.conf file. • All the properties are fully manageable via the REST API • Version 5.0 +
  • 3. Copyright©2013,SplunkInc. What about scripted inputs ? 3 • Very loosely coupled to Splunk • No standard configuration/schema framework • No standard validation framework • No standard lifecycle management • Need to use “hacks” to make them running persistently • Not really integrated with the REST API • Logging not integrating with standard Splunk logs BUT • Their simplicity and loose coupling make them very rapid to develop • Choose the right tool for the job
  • 4. Copyright©2013,SplunkInc. Diagram of Mod Input lifecycle 4 SplunkD Init / Request Scheme Mod Input Return Scheme External Validate Confirm Validation Execute XML XML XML Stream ResultsText / XML Validation Code & Error Msg $SPLUNK_HOME/var/log/splunk/splunkd.log logging
  • 6. Copyright©2013,SplunkInc. Input XML 6 $SPLUNK_HOME/bin/splunk cmd splunkd print-modinput-config myscheme mystanza
  • 8. A few other technical features
      • Validation: external mode or via REST create/edit
      • Run Mode: single or multiple instance
      • Checkpoint directory: so your modular input can maintain state
      • Streaming Mode: Text or XML. XML streaming has more syntactic sugar for metadata and event breaking
      • Architecture specific scripts: Splunk automagically chooses the correct runtime script.
  • 9. How are Mod Inputs going to help us
      • We need to make it as easy as possible to develop modular inputs, frameworks and tools
      • Sometimes the greatest battle is just getting the data in; modular inputs are a great tool in our armory.
      • Bundle Modular Inputs in with the core product (DB, JMX, SNMP, JMS etc…)
      • We need to make it easy to search for, install and configure these “data connectors”
  • 10. Developing
      • My preference is to use Python, however any language can be used.
      • http://docs.splunk.com/Documentation/Splunk/latest/AdvancedDev/ModInputsIntro
      • There is a certain amount of “plumbing” to put in place, so I like utilities that take care of this for you, so you can just focus on the business logic.
      • I created utilities to allow developers to rapidly create Modular Inputs in Java and Python
      • https://github.com/damiendallimore/SplunkModularInputsJavaFramework
      • https://github.com/damiendallimore/SplunkModularInputsPythonFramework
      • HelloWorld examples to get you started
      • Java -> JMS Messaging Modular Input, on Splunkbase
      • Python -> SNMP Modular Input, soon to be released
  • 12. Messaging
      • Message Oriented Middleware (MOM) infrastructures facilitate the sending/receiving of messages between distributed systems
      • Topics (publish/subscribe) and Queues (point to point)
      • The glue that stitches heterogeneous enterprise computing environments together
      • Represents a massive source of machine data that can be fed into Splunk to derive operational visibility into your messaging environment and the various systems and applications that are communicating via MOM
  • 13. Building a Splunk Messaging Solution
      • There has been considerable demand for functionality in Splunk to index messages from queues/topics
      • Ad hoc, proprietary, roll your own solutions were the only way
      • I wanted to develop an integrated mechanism to allow Splunk users to connect to their MOM and index their messages
      • Modular Inputs provided the perfect platform to build a messaging solution
  • 14. JMS Messaging Modular Input
      • JMS is simply a messaging interface that abstracts your underlying MOM provider implementation
      • Most MOM vendors support JMS
      • So this allowed for creating 1 single modular input that can index messages from:
          • MQ Series / Websphere MQ
          • Tibco EMS
          • ActiveMQ
          • HornetQ
          • RabbitMQ
          • SonicMQ
          • JBoss Messaging
          • Weblogic JMS
          • Native JMS
          • StormMQ
          • MSMQ (with a bit of stuffing around)
          • Etc…
      • Simple to install: download from Splunkbase, drop in your apps directory, restart Splunk
  • 15. Key Features
      • Known to work with all aforementioned Messaging platforms
      • Should work against any MOM platform with a JMS provider
      • Runs on all supported Splunk platforms
      • Consume messages from Topics and Queues
      • Browse Queues (if you don’t want to consume the messages) and just Splunk queue stats
      • Message header, properties and body indexed in Splunk as simple key/value pairs
      • Can plug in your own message handler if you require customized processing of the message body
      • Authentication and SSL support
      • Scales horizontally if you require large volume message consumption
  • 16. JMS input fully integrated into Splunk
  • 17. Add a new queue/topic input
  • 20. Demos: JMS (ActiveMQ, Websphere MQ), SNMP
  • 21. Contact me
      • Email: ddallimore@splunk.com
      • Twitter: @damiendallimore
      • Skype: damien.dallimore
      • Github: damiendallimore
      • Splunkbase: damiend
      • Slideshare: http://www.slideshare.net/damiendallimore
      • Blogs: http://blogs.splunk.com/dev
      • Web: http://dev.splunk.com
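
The lifecycle on slide 4 (request scheme, external validate, execute, stream results) can be seen end to end in one small script. This is an added example, not code from the slides or from the author's frameworks; the scheme name `myscheme` is borrowed from the slide 6 command, while the `port` argument and the "polled" event text are assumptions standing in for real collection logic.

```python
import sys
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape
# Scheme returned to splunkd for --scheme; the "port" argument is hypothetical.
SCHEME = """<scheme>
  <title>myscheme</title><description>Example modular input</description>
  <use_external_validation>true</use_external_validation>
  <streaming_mode>xml</streaming_mode>
  <endpoint><args>
    <arg name="port"><title>Port</title><description>Port to poll</description></arg>
  </args></endpoint>
</scheme>"""

def params(node):
    """Collect <param name="...">value</param> descendants into a dict."""
    return {p.get("name"): (p.text or "") for p in node.iter("param")}

def validate(xml_text):
    """External validation: None if the proposed input is acceptable, else an error message."""
    port = params(ET.fromstring(xml_text).find("item")).get("port", "")
    try:
        ok = 1 <= int(port) <= 65535
    except ValueError:
        ok = False
    return None if ok else "port must be an integer between 1 and 65535"

def run(xml_text):
    """Execute: build one XML-streamed event per configured stanza."""
    events = []
    for stanza in ET.fromstring(xml_text).iter("stanza"):
        name = escape(stanza.get("name"), {'"': "&quot;"})
        data = escape("polled port=%s" % params(stanza).get("port", ""))
        events.append('<event stanza="%s"><data>%s</data></event>' % (name, data))
    return "<stream>%s</stream>" % "".join(events)

def main(argv):
    if "--scheme" in argv:                    # Init / Request Scheme
        print(SCHEME)
    elif "--validate-arguments" in argv:      # External Validate
        error = validate(sys.stdin.read())
        if error:                             # error message plus non-zero exit rejects the input
            print("<error><message>%s</message></error>" % escape(error))
            return 1
    else:                                     # Execute / Stream Results
        print(run(sys.stdin.read()))
    return 0

if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

Rejecting bad values at validation time keeps a malformed stanza from ever being saved, instead of failing later during execution.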