OpsRamp’s Logs Streaming feature lets you export system logs in real time to external destinations, such as Splunk.
This capability plays a critical role in IT operations by allowing teams to continuously collect, analyze, and correlate logs from various IT environments for better incident response, troubleshooting, and compliance.
With logs streaming, users gain deep insights into the system’s health, security, and performance through comprehensive log data.
Install Streaming Export integration
Here is how to install a streaming export integration for the Logs category type.
Navigate to Setup → Account. The Account Details screen is displayed.
Select the Integrations tile. The Installed Integrations screen is displayed, with all the installed applications.
If you do not have any installed applications, you will be navigated to the Available Integrations screen. The Available Integrations screen displays all the available applications along with the newly created application with the version. Note: Search for Streaming Export application using the search option available. Alternatively, search for Exports from All Categories option and select it.
Click +ADD in Streaming Export tile. The ADD STREAMING EXPORT screen is displayed.
Enter the following basic details:

GENERAL DETAILS

| Field Name | Field Type | Description |
|---|---|---|
| Name | String | Unique name of the export. |
| Category Type | Dropdown | Type of data for export. Select Logs. Note: Logs streaming is available at Partner and Client levels. |
| Clients | Radio button | All: Select All to export data for all clients under the partner. Clients: Select Clients to export data for a specific client, then select a client from the dropdown. |
| Http Endpoint | String | Enter the HTTP Endpoint. Note: You need to register for Splunk Cloud to get the endpoint details. Once registered, you will receive the information you need to start sending data to Splunk Cloud. The email might provide a sample HTTP endpoint like the one below: https://{prd-p-j2qyn.splunkcloud.com}:8080/services/collector/raw |
| Type | Dropdown | Splunk. |
| Use SSL | Checkbox | Select this option to encrypt the connection to the endpoint with SSL/TLS. |
| AUTH HEADER | Checkbox | Auth Header Key: Authorization. Auth Header Value: the token value prefixed with the string Splunk and a space (Splunk <token-value>). Note: You can generate a new token from Settings → Data Inputs → HTTP Event Collector in Splunk Cloud. |
| ADD FILTER | Dropdown | You can add a filter for the logs: (1) Click +ADD FILTER. (2) Select attribute, operator, and a value. (3) Click + to add queries. PERMISSION: You will need Logs_View to view the ADD FILTER option. |
Click FINISH. The integration is installed.
If the provided information is correct, then the integration will be saved without any errors.
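Before entering the Http Endpoint and Auth Header Value in the form, the pair can be checked locally and then tested against the collector. The following is an added example, not OpsRamp or Splunk code; the host `hec.example.com`, the all-zero token, and the function names are constructed placeholders.

```python
import urllib.request
from urllib.parse import urlsplit

# Constructed placeholder values (not a real endpoint or token).
SAMPLE_ENDPOINT = "https://hec.example.com:8080/services/collector/raw"
SAMPLE_AUTH = "Splunk 00000000-0000-0000-0000-000000000000"


def check_export_settings(endpoint, auth_value):
    """Return a list of problems with the Http Endpoint / Auth Header Value pair."""
    problems = []
    if "{" in endpoint or "}" in endpoint:
        problems.append("endpoint still contains the {} braces from the sample URL")
    parts = urlsplit(endpoint.replace("{", "").replace("}", ""))
    if parts.scheme != "https":
        problems.append("endpoint is not https: token and logs would travel unencrypted")
    if not parts.hostname:
        problems.append("endpoint has no host")
    if not parts.path.startswith("/services/collector"):
        problems.append("path is not an HTTP Event Collector path")
    scheme, _, token = auth_value.partition(" ")
    if scheme != "Splunk":
        problems.append("Auth Header Value must start with 'Splunk '")
    elif not token or token.split() != [token]:
        problems.append("token is missing or contains whitespace")
    return problems


def build_test_request(endpoint, auth_value, line=b"streaming export pre-flight test"):
    """Build (but do not send) a POST of one raw log line, refusing bad settings."""
    problems = check_export_settings(endpoint, auth_value)
    if problems:
        raise ValueError("; ".join(problems))
    return urllib.request.Request(
        endpoint, data=line, method="POST", headers={"Authorization": auth_value})


def send_test_event(endpoint, auth_value, timeout=10):
    """Network call: returns 200 if the collector accepts the token; HTTPError otherwise."""
    with urllib.request.urlopen(build_test_request(endpoint, auth_value), timeout=timeout) as resp:
        return resp.status


if __name__ == "__main__":
    print(check_export_settings(SAMPLE_ENDPOINT, SAMPLE_AUTH) or "settings look consistent")
```

Only `send_test_event` touches the network; run it with the real endpoint and token from a host that is allowed to reach the collector.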