Accessing and configuring logs
Configuring SC4SNMP loglevel¶
SC4SNMP log level can be configured in values.yaml file. The default value for it is INFO, other
possible levels to set are DEBUG, INFO, WARNING, ERROR, CRITICAL or FATAL. To change
the log level for a specific component, add the following configuration to values.yaml:
worker:
logLevel: "DEBUG"
And redeploy SC4SNMP.
Log level configuration can be set for worker, poller, scheduler and traps.
Accessing SC4SNMP logs¶
SC4SNMP logs can be browsed in Splunk in em_logs index, provided that sck-otel
is installed. Logs can be also accessed directly in kubernetes using terminal.
Accessing logs via Splunk¶
If sck-otel is installed, browse em_logs index. Logs can be further filtered
for example by the sourcetype field. Example search command to get logs from poller:
index=em_logs sourcetype="kube:container:splunk-connect-for-snmp-worker-poller"
Accessing logs in kubernetes¶
To access logs directly in kubernetes, first run microk8s kubectl -n sc4snmp get pods. This will output all pods:
NAME READY STATUS RESTARTS AGE
snmp-splunk-connect-for-snmp-worker-trap-99f49c557-j9jwx 1/1 Running 0 29m
snmp-splunk-connect-for-snmp-trap-56f75f9754-kmlgb 1/1 Running 0 29m
snmp-splunk-connect-for-snmp-scheduler-7bb8c79855-rgjkj 1/1 Running 0 29m
snmp-mibserver-784bd599fd-6xzfj 1/1 Running 0 29m
snmp-splunk-connect-for-snmp-worker-poller-78b46d668f-59mv4 1/1 Running 0 29m
snmp-splunk-connect-for-snmp-worker-sender-6f8496bfbf-cvt9l 1/1 Running 0 29m
snmp-mongodb-7579dc7867-mlnst 2/2 Running 0 29m
snmp-redis-master-0 1/1 Running 0 29m
Now select the desired pod and run microk8s kubectl -n sc4snmp logs pod/<pod-name> command. Example command to retrieve
logs from splunk-connect-for-snmp-worker-poller:
microk8s kubectl -n sc4snmp logs pod/snmp-splunk-connect-for-snmp-worker-poller-78b46d668f-59mv4
Accessing logs in docker¶
Refer to splunk logging for instructions on how to enable logging in docker and sent them to Splunk.
To access logs directly in docker, first run docker ps. This will output all containers:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
afcd8f4850cd ghcr.io/splunk/splunk-connect-for-snmp/container:1.12.0-beta.1 "./entrypoint.sh cel…" 19 seconds ago Up 17 seconds docker_compose-worker-poller-1
5cea46cee0cb ghcr.io/splunk/splunk-connect-for-snmp/container:1.12.0-beta.1 "./entrypoint.sh cel…" 19 seconds ago Up 17 seconds docker_compose-worker-sender-1
1c5154c91191 ghcr.io/splunk/splunk-connect-for-snmp/container:1.12.0-beta.1 "./entrypoint.sh cel…" 19 seconds ago Up 17 seconds sc4snmp-scheduler
8f6e60903780 ghcr.io/splunk/splunk-connect-for-snmp/container:1.12.0-beta.1 "./entrypoint.sh trap" 19 seconds ago Up 17 seconds 0.0.0.0:2163->2163/udp, :::2163->2163/udp, 0.0.0.0:162->2162/udp, [::]:162->2162/udp sc4snmp-traps
f146802a0a8d ghcr.io/splunk/splunk-connect-for-snmp/container:1.12.0-beta.1 "./entrypoint.sh cel…" 19 seconds ago Up 16 seconds docker_compose-worker-poller-2
70e0fe076cdf ghcr.io/splunk/splunk-connect-for-snmp/container:1.12.0-beta.1 "./entrypoint.sh cel…" 19 seconds ago Up 17 seconds docker_compose-worker-trap-2
090cc957b600 ghcr.io/splunk/splunk-connect-for-snmp/container:1.12.0-beta.1 "./entrypoint.sh cel…" 19 seconds ago Up 16 seconds docker_compose-worker-trap-1
24aac5c89d80 ghcr.io/pysnmp/mibs/container:latest "/bin/sh -c '/app/lo…" 19 seconds ago Up 18 seconds 8080/tcp snmp-mibserver
a5bef5a5a02c bitnami/mongodb:6.0.9-debian-11-r5 "/opt/bitnami/script…" 19 seconds ago Up 18 seconds 27017/tcp mongo
76f966236c1b bitnami/redis:7.2.1-debian-11-r0 "/opt/bitnami/script…" 19 seconds ago Up 18 seconds 6379/tcp redis
163d880eaf8c coredns/coredns:1.11.1 "/coredns -conf /Cor…" 19 seconds ago Up 18 seconds 53/tcp, 53/udp coredns
Now select the desired container and run docker logs <container_name/id> command.
Example command to retrieve logs from splunk-connect-for-snmp-worker-poller:
docker logs docker_compose-worker-poller-1