Is there any way to send sensu metrics over to splunk?
1 Like
Here’s an example using a Sensu socket handler and the Splunk Universal Forwarder:
This template assumes the Splunk Universal Forwarder is installed on all Sensu backend nodes, and simply forwards Sensu formatted events to Splunk (unless you’re also using a mutator to modify event payloads).
I can’t seem to get it working. I have attached a screenshot of my sensu handler as well as my splunk input.conf file. The host on the sensu handler is not actually 123.123.123.123, I just put that so that I do not reveal my actual host. However the host I actually used is the ip address of the first sensu backend node in my cluster where I also have the input.conf configured for.
What I am expecting to see is some recognizable output in the Splunk Search with the sourcetype of “sensu”. Is that right to assume or should I be expecting to see the metrics in a different way?
@username123 were you able to get your setup working with splunk. If so, can you provide the steps you have followed