Configure HCP Vault metric streaming to Splunk
For details on metrics scope and interpretation, see the HCP Vault metrics documentation.
HCP Vault metrics streaming is available for all production grade clusters. The feature is not available for Development tier clusters.
To configure metrics streaming to Splunk, you will need to have:
Have access to a paid Splunk Cloud or Enterprise account.
Splunk Cloud Trial account would not work with HCP Vault as its HEC (HTTP Event Collector ) listener is hosted using a self signed certificate that HCP won't trust.
Your Splunk HEC and token.
HEC endpoint should be created using
metricsindex in Splunk.
A HCP account with Admin or Contributor role assigned in HCP
A production grade HCP Vault cluster
From the HCP Vault cluster Overview page, select the Metrics view.
If you have not configured metrics streaming before, click Enable streaming.
From the Stream Vault metrics view, select Splunk as the provider and click Next.
Under Splunk Configuration, enter your HTTP Event Collector (HEC) Endpoint URL and event collector Token.
At this time, HCP Vault only supports metrics streaming to one metrics endpoint at a time.
HashiCorp has created a sample HCP Vault Splunk dashboard template for metrics visualizations. Splunk dashboard templates are distributed as Splunk apps. If you prefer to use the sample dashboard template, follow the Splunk instructions for adding a Splunk app to your Splunk Enterprise or Cloud environment.
To edit a metrics streaming integration, perform the following steps.
From the Metrics page, click on the Manage drop-down, then Edit configuration.
Edit the configuration, then click Save.
To disable a metrics streaming integration, from the Metrics page, click on the Manage drop-down, then Disable streaming.