Get started: Understand and use the Collector

Describes platform-specific installation information for the Splunk Distribution of OpenTelemetry Collector. Also covers how to configure the Splunk Distribution of OpenTelemetry Collector. There are a variety of default configuration files available, as well additional components that can be configured.

For a quick overview of the Collector, see Get started with the Splunk Distribution of the OpenTelemetry Collector.

Get started with the available options to install, deploy, and configure the Splunk Distribution of the OpenTelemetry Collector. Next, learn how to use the Collector.

See Processor architecture for compatible CPU architectures and operating systems.
See Collector deployment modes for information on the two deployment modes for the Collector: host monitoring (agent) mode, and data forwarding (gateway) mode.

Install the Collector using packages and deployment tools

The Splunk Distribution of the OpenTelemetry Collector is supported on Kubernetes, Linux, and Windows. Use one of the following packages to gather data for Splunk Observability Cloud:

Verify the Docker image of the Collector

Docker images of the Collector are automatically signed.If you need to verify and trust your software package, use the following public key to verify the Docker images of the Collector for versions 0.93 or higher:

-----BEGINPUBLICKEY-----MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnQi0COAQC5XgALFAyTW3JXiHvXJLIFKK+LKS8iVo0Ec2tsABJ5usp5yCYTENJHoS1fLC5XcY5nyM4fqxjWJK3FqDa/inWkryNgpW8Mx5LhjGiIxiBiMnONFh0cZNctbQ7mNTBZgisiwThDTOovtW660MCCeZdPAMdSHaDym7GWAQi1tVWMioI2r9s5DUbwbzK5z9z/HZuX9Su2KJxxG6TagdZB6EyhkdyV/LR1ud5R/5P2ouRt/DpIj/iSRnkTV28wDRSf//QR75SiyDW2zoph5MmkD88H5aTw22cJ35sFo3S+NLxakrQZzyH1G4oY6vpQ8h0hMYJ9zAJZxA/kzNmLZ/V4QVj8tkJaj7igcOKpfatQUu7n6HapCLhoNAcrnDskf23V4PxUJ+MIAN2vwPSUMTI2rKrEPpilAKup4l7EsxX2Dm73umh/xyWaKlpw8kAsB9dLuSj3gnh/k3SX6qwWkQASkbjBRe+iPrkVcRNfOvIHp/bg8kd5q4JwEIDh4x/JEf/l6zLpEar8hh2dSWVbbHBd5Xo9Ge5BjwXOcoDhvUQqNJdLBJruhvhn7Ogy5Paw5TGhdawfjxT2yXeqbEJuv6qdo/mSimkpR8lkQT7OsfAQbCPeyFvZKb22hXj6tCTVJncwCJLe/FBdXJhRepY6NEdmKZLGodXv4zLNVr7SkCAwEAAQ==
-----ENDPUBLICKEY-----

For older Collector versions, use this public key:

-----BEGINPUBLICKEY-----MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw+sL4Mx2Ip9AxTSp7Iw2k69tlJ8RqYNngJyecOLLiQkubgIQdnAkQurTfCPCuCHChvGGw3WCV617oJR25D0hNzOvS9wIXc1mEdsHCFbOuAVnJ7GLALmci6sR09jPiQnl2X58+edI/2g6j77G1Lz3B/aOK4p70Ro2TTE6Xj6XACeLkAZGu1W3UQfrJiYkGz4PovWMyeF2J88RcwrrdOLni5iFeLR5EL8TtoQCXUyqJFpuXpBkLbMedrpZAODqBcg3iwfeACcguO2X1cCWFXM+ubN1fzf2c+WrO3sg8io1cHTctX2GG+9r7DbqRuo0Ejj2D0fTi/JoVBCTXNxn2DrgL86Y5+mtpUN+MlnzZRFEbCqN2fC9CO1LlriD+3NKAuW7OVM10S/+eHApUQi1Ao5AABfjRxHWn2SISC5pmgYDeg90Lf0BTjX2+qn1HuJXDZUyD1XEeXedqE+/m9mgEU2suYOqk6ecD/qowv2gvkwd742XvfpZhaMCdehtVJwB5HLAv4VtQQYLECgMrqipAALybAExcAb0i16mMJi2QCPh44BrzcLQW/SZxYr9sg3IQXWBE84XbuzSyHJwBjvyxgf52+TlQ3bUY73ssOe/WV3FAdDHh0ekQdOKO4plPPMXmdYCH2dY5ji5bunY+kKHayT7pqX7nYPWHh4c2RvHkE3Tth8CAwEAAQ==
-----ENDPUBLICKEY-----

Images are signed using cosign. To verify them:

Save the public key to a file. For example, cosign.pub.

Run the following command:

cosign verify --insecure-ignore-tlog --key cosign.pub quay.io/signalfx/splunk-otel-collector:<collector-version>

Note: The OpenTelemetry Operator Docker image only supports Linux and cannot run on Windows nodes.

Configure the Collector: Config files, auto discovery, and other configuration sources

Use these configurations to change the default settings in each Collector package:

The Splunk Distribution of the OpenTelemetry Collector has the following configuration options than can be used by several Collector components.

Automatic discovery

Splunk Observability Cloud offers several options for no-hassle automatic discovery and configuration. Learn more at Automatic discovery of apps and services.

Use multiple configuration files

To define multiple config files simultaneously use:

./otelcol--config=file:/path/to/first/file--config=file:/path/to/second/file

Additional configuration sources

You can also use these additional configuration sources:

Collect logs

To collect logs with the Splunk Distribution of the OpenTelemetry Collector:

In Kubernetes environments, native OpenTelemetry log collection is supported by default. See more at Collect logs and events with the Collector for Kubernetes.
For Linux and Windows environments (physical hosts and virtual machines), use the Universal Forwarder to send logs to the Splunk platform. See more at Use the Splunk Universal Forwarder with the Collector.

Use the Collector

The OpenTelemetry Collector is a tech-agnostic way to receive, process and export telemetry data.

After you’ve installed the Collector in your platform, update your config file to define the different Collector components (receivers, processors, and exporters) you want to use. However, receivers and exporters are not enabled until they are in a pipeline, as explained in the next paragraph. You can also add extensions that provide the OpenTelemetry Collector with additional functionality, such as diagnostics and health checks. Find the available components at Collector components.

Next, you need to configure your service pipelines to determine how to process your data. In the pipelines section you tie together the receivers, processors and exporters, designing the path your data takes. Multiple pipelines can be defined, and a single receiver or exporter definition can be used in multiple pipelines. A single pipeline can also have multiple receivers or exporters within it. Learn more at Process your data with pipelines.

See also the following documents to understand how the Collector works, and how to use it:

Components and services of the Collector

The Splunk Distribution of the OpenTelemetry Collector has the following components and services:

Receivers: Determine how you’ll get data into the Collector.
Processors: Configure which operations you’ll perform on data before it’s exported. For example, filtering.
Exporters: Set up where to send data to. It can be one or more backends or destinations.
Extensions: Extend the capabilities of the Collector.
Connectors: Connect two pipelines, consuming data as an exporter at the end of one pipeline and emitting data as a receiver at the start of another pipeline.
Services. It consists of two elements:
- List of the extensions you’ve configured.
- Pipelines: Path data will follow from reception, then through processing or modification, and finally exiting through exporters.

For more information, see Collector components.

Collector variables and internal metrics

The Collector operates using these environmental variables and internal metrics:

Documentation