How to setup splunkstorm for AWS Beanstalk

This guide describes how to setup  SplunkStorm for Elastic-beanstalk with Auto-scaling  & Standalone EC2 instances.

What is Splunk Storm?

Splunk Storm is a cloud-based service that turns machine data into valuable insights. Machine data is generated by web sites, applications, servers, networks, mobile devices, and the like. Splunk Storm consumes machine data and allows users to search and visualize it to monitor and analyze everything from customer clickstreams and transactions to network activity to call records.

Setting up Splunk Storm

Download and install the universal forwarder for *nix

In eleven easy steps!

Get the forwarder and credentials package

  1. In the Storm UI, navigate to the project you want to forward data into. Click Inputs, then Forwarders.
    2. Download forwarder credentials for this project by clicking credentials package (stormforwarder_<project_id>.spl ). This package contains the authentication credentials and configuration that allow sending data to this project only. Do not skip this step.
    Note: Do not share this information with anyone else, as it contains your access token.
    3. Follow the link to the universal forwarder downloads (splunkforwarder_<package_name>.rpm ) page and download the package of your choice.

Creating a local repository for install forwarder & credentials packages.

  1. Create a S3 bucket with owner full access.
  2. upload  the splunkforwarder_<package_name>.rpm  & stormforwarder_<project_id>.spl . Chage the both packages permission to owner Full Control & All user Read.
    Ex URL -: https://s3.amazonaws.com/SplunkRPM/

Splunk Storm auto-deploy script.

 

Install the forwarder & credentials packages.

  1. Create a .ebextensions top-level directory of your source bundle.
  2. Copy the script  to the .ebextensions folder. ( .ebextensions/SplunkStorm.config.)
  3. Crate  “war” file  & upload the war file  to the Elastic-beanstalk.
  4. After war file deployment is successfully completed
  5. Go to the www.splunkstorm.com  & click Dashboard then click Data Summary & select  Testhost in host column.

Leave a Reply

Your email address will not be published. Required fields are marked *