Fluent Forward receiver
The Fluent Forward receiver allows the Splunk Distribution of OpenTelemetry Collector to collect logs and events using the Fluent Forward protocol.
The Fluent Forward receiver allows the Splunk Distribution of the OpenTelemetry Collector to collect events using the bundled Fluentd application. The supported pipeline type is logs. See Process your data with pipelines for more information.
The receiver accepts data formatted as Fluent Forward events through a TCP connection. All three Fluent event types, message, forward, and packed forward, are supported, including compressed packed forward.
Deploy the collector
See Install the Collector for Windows with the installer script.
Configure the receiver
Edit your OpenTelemetry Collector configuration file as follows.
-
Add
fluentforwardto thereceiverssection:YAMLreceivers: fluentforward: endpoint: 127.0.0.1:8006 -
Add the receiver to
service.pipelines.logs:YAMLservice: pipelines: logs: receivers: [fluentforward]
Restart the collector
The restart command varies depending on what platform you deployed the collector on and what tool you used to deploy it. Here are general examples of the restart command:
- Linux
-
BASH
sudo systemctl restart splunk-otel-collector - Windows
-
Windows with installer script:
BASHstop-service splunk-otel-collector start-service splunk-otel-collector - Kubernetes
-
BASH
helm upgrade your-splunk-otel-collector splunk-otel-collector-chart/splunk-otel-collector -f your-override-values.yamlwhere
splunk-otel-collector-chartis the name you gave to the Helm chart in thehelm repo addcommand.
Settings reference
The following table shows the configuration options for the Fluent Forward receiver:
included
https://raw.githubusercontent.com/splunk/collector-config-tools/main/cfg-metadata/receiver/fluentforward.yaml