Introduction

OpsRamp’s Logs Streaming feature lets you export system logs in real time to external destinations, such as Splunk.

This capability plays a critical role in IT operations by allowing teams to continuously collect, analyze, and correlate logs from various IT environments for better incident response, troubleshooting, and compliance.

With logs streaming, users gain deep insights into the system’s health, security, and performance through comprehensive log data.

Install Streaming Export integration

Here is how to install a streaming export integration for the Logs category type.

  1. Navigate to Setup → Account. The Account Details screen is displayed.

  2. Select the Integrations tile. The Installed Integrations screen is displayed, with all the installed applications.

  3. If you do not have any installed applications, you are taken to the Available Integrations screen, which displays all the available applications along with the newly created application and its version.
    Note: Search for the Streaming Export application using the search option. Alternatively, search for Exports in the All Categories option and select it.

  4. Click +ADD on the Streaming Export tile. The ADD STREAMING EXPORT screen is displayed.

  5. Enter the following basic details:

    Mandatory fields
    GENERAL DETAILS
    Field Name | Field Type | Description
    Name | String | Unique name of the export.
    Category Type | Dropdown | Type of data for export. Select Logs.
      Note: Logs streaming is available at Partner and Client levels.
    Clients | Radio button |
      • All: Select All to export data for all clients under the partner.
      • Clients: Select Clients to export data for a specific client.
        1. Select a client from the dropdown.
    Http Endpoint | String | Enter the HTTP endpoint.
      Note: You need to register for Splunk Cloud to get the endpoint details. Once registered, you will receive the information you need to start sending data to Splunk Cloud. The email might provide a sample HTTP endpoint like the one below:
      https://{prd-p-j2qyn.splunkcloud.com}:8080/services/collector/raw
    Type | Dropdown | Splunk.
    Use SSL | Checkbox | Select the option for enhanced security.
    AUTH HEADER | Checkbox | Auth Header Key: Authorization.
      Auth Header Value: Provide the token value prefixed with the string Splunk.
      Note: You can generate a new token from Settings → Data Inputs → HTTP Event Collector in Splunk Cloud.
    ADD FILTER | Dropdown | You can add a filter for the logs:
      1. Click +ADD FILTER.
      2. Select an attribute, an operator, and a value.
        • Click + to add queries.
      PERMISSION: You need Logs_View to view the ADD FILTER option.

  6. Click FINISH. The integration is installed.

If the provided information is correct, then the integration will be saved without any errors.
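
The Http Endpoint and AUTH HEADER values can be checked before they are entered in the form. The script below is an added example, not OpsRamp or Splunk code: the function names, the sample host and the all-zero token are constructed, and treating curly braces as an unfilled placeholder is an assumption.

```python
"""Pre-flight check for the Http Endpoint and AUTH HEADER values (added example)."""
import urllib.request
from urllib.parse import urlsplit


def check_settings(endpoint, auth_value):
    """Return a list of problems; an empty list means the values look usable."""
    problems = []
    if "{" in endpoint or "}" in endpoint:
        # Assumption: braces mark a placeholder that still has to be filled in.
        problems.append("endpoint still contains { } placeholder characters")
    url = urlsplit(endpoint)
    if url.scheme != "https":
        problems.append("endpoint is not https, so the token would travel in cleartext")
    if not url.path.startswith("/services/collector"):
        problems.append("path is not an HTTP Event Collector path")
    parts = auth_value.split()
    if len(parts) != 2 or parts[0] != "Splunk":
        problems.append("Auth Header Value must be 'Splunk <token>'")
    return problems


def build_request(endpoint, auth_value, line):
    """Build (without sending) a POST that carries one raw log line."""
    req = urllib.request.Request(endpoint, data=line.encode("utf-8"), method="POST")
    req.add_header("Authorization", auth_value)
    return req


def send_test_event(endpoint, auth_value, line="streaming export pre-flight test"):
    """Send one test line; urllib verifies the server certificate by default."""
    problems = check_settings(endpoint, auth_value)
    if problems:
        raise ValueError("; ".join(problems))
    req = build_request(endpoint, auth_value, line)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status, resp.read().decode("utf-8", "replace")


if __name__ == "__main__":
    # Constructed sample values, not a real Splunk stack or token.
    ENDPOINT = "https://splunk.example.invalid:8088/services/collector/raw"
    AUTH = "Splunk 00000000-0000-0000-0000-000000000000"
    print(check_settings(ENDPOINT, AUTH) or "settings look usable")
```

Call send_test_event with your own endpoint and token to confirm that Splunk accepts the token before you save the integration.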