Automated Splunk Monitoring on Containerized Environments

SGG has automated Splunk logging for a major US retailer, allowing applications built on the Openshift Container Platform to automatically feed into Splunk using a log shipper deployment package. The data is forwarded to a temporary index where users can verify that their data is logging as expected, and then it is moved into a permanent index. In addition to streamlining the logging process, the SGG team has built over 40 custom dashboards in Splunk, including an in-depth view of GCP VM health which calculates the cost per disk, and can be filtered by application, disk type, environment, etc. These insights assist in determining which applications are the most costly, and which disks are being over or under utilized. This automation paired with custom built dashboards left our customer fully prepared for the holiday season peak.