Related CLI Commands
The table below provides the list of service-related commands and their descriptions:
|or2-manage-service...-s splunk -a
||Activates the Splunk service in the specified project and region
|or2-manage-service...-s splunk-proxy -a
||Activates the Splunk proxy service in the specified project and region
|or2-splunk-proxy -p project -r region -a create -n endpoint_name -i splunk_instance -x proxy_instance -t port -q quota
||Manages Splunk proxy endpoints
|or2-describe-instances -S splunk [splunk-proxy]
||Displays the details of VM's created during the service activation
|or2-describe-services -s splunk [splunk-proxy]
||Describes the Splunk or Splunk proxy service activated in the specified project and region
Further on this page, you can find more details on the Splunk service manipulation.
When Splunk as a Service is activated, it starts a virtual machine with a trial version of Splunk Enterprise installed.
This version allows using Splunk free of charge up to the limit of 500 Mb of data per day for 60 days. After 60 days,
the trial license can be converted into a perpetual free license with the same conditions.
You can also convert the license from trial into a free one using Splunk web UI.
Several Splunk instances can be started for a project and region combination.
If necessary, a Splunk proxy server can also be created to manage data traffic from various endpoints.
When the Splunk proxy server is running, you can specify the endpoints from which traffic is to be managed and set the quota to limit the traffic from a particular endpoint
Several Splunk proxy servers can be created for a project and region.
Splunk as a Service Activation and Manipulation
To activate Splunk as a Service, use the or2-manage-service (or2ms) command with the -a/--activate flag and the -s/--service-name parameter
with 'splunk' value:
or2ms -p project -r region -a -s splunk
By default, Splunk servers are MEDIUM-shaped VMs with Ubuntu14.04_64-bit operating system.
As soon as the Splunk service is activated, its data can be retrieved using the or2-describe-services (or2dser) command:
or2dser -p project -r region -s splunk
You can find the details on the VMs created within the service activation, by calling the or2-describe-instances (or2din) command with -S splunk parameter:
or2din -p project -r region -S splunk
Splunk Proxy Activation and Manipulation
To start a Splunk proxy server, use the or2-manage-service (or2ms) command with the -a/--activate flag and the -s/--service-name parameter with 'splunk-proxy' value:
or2ms -p project -r region -a -s splunk-proxy
By default, Splunk proxy servers are started as MEDIUM-shaped VMs with Ubuntu14.04_64-bit operating system.
Once a Splunk proxy server has been activated, you can add and manage endpoints to limit traffic from. For this purpose, a special command, or2-splunk-proxy (or2sp), is used:
or2sp -p project -r region -a create -n endpoint_name -i splunk_instance -x proxy_instance -t port -q quota
This command should specify the endpoint action to be performed (describe, create or delete), the IDs of the Splunk service instance and the Splunk proxy instance,
the endpoint name and the data traffic quota in Mb set for the endpoint (for the 'create' action). The cumulative daily quota of all endpoints should not exceed 500 Mb.
To retrieve data on the endpoints configured for a particular Splunk proxy instance, use the or2sp command with the -a describe parameter:
or2sp -p project -r region -a describe -x proxy_instance
The command returns the list of all endpoints with their maximum quotas and current quota usage:
To delete a Splunk proxy endpoint, use the or2sp command with the -a delete parameter:
or2sp -a delete -x proxy_instance -n endpoint_name
As soon as the Splunk proxy service is activated, its data can be retrieved using the or2-describe-services (or2dser) command:
or2dser -p project -r region -s splunk-proxy
You can find the details on the VMs created within the service activation, by calling the or2-describe-instances (or2din) command with -S splunk-proxy parameter:
or2din -p project -r region -S splunk-proxy
The Splunk service has a web UI which is automatically available as soon as the service is activated.
The server URL and credentials are also returned as part of the or2-describe-services command response:
Using the provided URL, login and password, you can access the Splunk Web UI:
The service usage price is defined by the price of the VMs created during the Splunk service activation. Each Splunk or Splunk proxy server has the following configuration:
Therefore, the approximate monthly cost of one Splunk or Splunk proxy instance of 100% and 24/7 load is about $41.53 in EPAM-BY2 region (as of 08/07/2018).
The price can vary depending on the region and the usage pattern.
To get more detailed estimations, please, use our Cost Estimator tool.