Related pages:

This page describes how to integrate AppDynamics and Splunk. This integration provides a single, cohesive view of data and allows you to:

  • Launch Splunk searches using auto-populated queries from the AppDynamics Console based on criteria such as time ranges and the node IP address.
  • Push notifications on policy violations and events from AppDynamics to Splunk.
  • Mine performance data from AppDynamics using the Controller REST API and push it into Splunk. 

Configure Splunk Integration

  1. Log in to the Controller UI as an administrator. 
  2. Select Settings > Administration.

  3. Select Integration > Splunk.

  4. Click the Enabled checkbox.

  5. For the URL, enter the Splunk URL and port number.  

  6. Optionally, enter Extra Query Parameters. These parameters are appended to each Splunk search initiated from AppDynamics.
  7. Click Save. 

Launch a Splunk Search from AppDynamics

You can launch a search of Splunk logs for a specific time frame associated with a transaction snapshot from several places in AppDynamics.

To launch a Splunk search:

  • You need Splunk credentials. You will only enter your credentials the first time that you launch a Splunk search. Your credentials are cached by the browser after the first login.
  • Ensure the Splunk Server is running.
  • Configure your browser to allow popups.

Enable Pop-ups

If you do not see a login prompt at first login, either your browser is blocking the Splunk login popup or the Splunk Server is not running.

You can access the Search Splunk option from the node dashboard or the business transaction dashboard.

Node Dashboard Access

  1. Navigate to a node dashboard.
  2. Select Actions > Search Splunk.

Business Transaction Dashboard

  1. Select the Transaction Snapshot tab.
  2. Right-click a transaction snapshot.
  3. Select More Actions
  4. Select Search Splunk.