Splunk Observability Cloud (SignalFx)
Splunk Observability Cloud (formerly known as SignalFx) is a monitoring and analytics platform that allows customers to evaluate, visualize, automate, and alert on metrics.
Integrating Splunk Observability Cloud with Cortex allows you to:
View SLO information on entity pages in Cortex
Create Scorecards that include rules related to your Splunk Observability Cloud SLOs
How to configure Splunk Observability Cloud with Cortex
Prerequisites
Before getting started:
Create an access token in Splunk.
Configure the integration in Cortex
In Cortex, navigate to the Splunk Observability settings page:
In Cortex, click your avatar in the lower left corner, then click Settings.
Under "Integrations," click Splunk Observability.
Click Add configuration.
Configure the integration form:
Realm: Enter your Splunk Observability realm.
You can find it in the URL for your instance, e.g.,
https://app.{REALM}.signalfx.com/#/metrics.
Access token: Enter the access token you generated in Splunk.
Click Save.
After saving your configuration, you are redirected to the Splunk Observability integration settings page in Cortex. In the upper right corner of the page, click Test configuration to ensure Splunk Observability was configured properly.
How to connect Cortex entities to Splunk Observability SLOs
Editing the entity descriptor
SLOs can be defined in the entity descriptor.
You can pull in data about SLOs and manage them in Cortex by defining relevant SLIs through queries, along with a threshold and a comparator. Cortex will pull data from Splunk Observability Cloud and roll up the query with a specified rollup function.
x-cortex-slos:
signalfx:
- query: sf_metric:"jvm.memory.max" AND area:"nonheap"
rollup: AVERAGE
target: 5120000
lookback: P1Y
operation: "<="query
Elasticsearch query for your metric: Use sf_metric to filter by the given metric and add additional dimensions to narrow the searchQueries resulting in multiple datasets will be rolled up according to rollup
✓
rollup
SUM or AVERAGE
✓
target
Target number for the SLO
✓
operation
>, <, =, =
✓
Using the Splunk Observability integration
Viewing SLO information on an entity
When an SLO is defined in an entity's descriptor, SLO information appears in the Monitoring block on an entity details page's overview.
Monitoring
Click Monitoring > Data overview in the entity's sidebar to see the query, target, and current value for each SLO from any integrations you're pulling SLOs from. Each SLO also includes the period of time the SLO is being calculated for. For example, if the time listed is "7 days ago," then the SLO is looking at the time range starting 7 days ago to now.
Click Monitoring > Splunk Observability to view a graph of SLO performance over time.
Scorecards and CQL
With the Splunk Observability Cloud integration, you can create Scorecard rules and write CQL queries based on Splunk Observability Cloud SLOs.
See more examples in the CQL Explorer in Cortex.
Still need help?
The following options are available to get assistance from the Cortex Customer Engineering team:
Email: [email protected], or open a support ticket in the in app Resource Center
Chat: Available in the Resource Center
Slack: Users with a connected Slack channel will have a workflow added to their account. From here, you can either @CortexTechnicalSupport or add a
:ticket:reaction to a question in Slack, and the team will respond directly.
Don’t have a Slack channel? Talk with your Customer Success Manager.
Last updated
Was this helpful?