Use Splunk
Splunk is a third-party monitoring solution compatible with Besu. A Splunk server can receive Besu logs and enable complex search, visualization, and analysis.
Splunk can aggregate multiple logs in one place and run complex queries without being connected to the machine running Besu to read the standard output.
Options for running Splunk and Besu are:
Developer Quickstart with Splunk
To view the Quickstart network logs in Splunk:
- Start the Developer Quickstart with Besu, selecting Splunk monitoring.
- Open the Splunk UI.
Splunk Connect for Ethereum Docker Compose
To run a development Besu node and connect it to Splunk Enterprise, use the Splunk Connect for Ethereum demonstration Docker Compose environment provided by Splunk.
Requirements
A Splunk license is not required to use the Splunk Connect for Ethereum demonstration.
Steps
-
Clone the Splunk Connect for Ethereum repository:
git clone https://github.com/splunk/splunk-connect-for-ethereum.git
cd splunk-connect-for-ethereum -
Start the demonstration environment by following the Splunk Connect for Ethereum repository README.
noteSplunk enterprise takes some time to start.
Run
docker ps
and wait for theSTATUS
of the 3 containers to beUp [number] seconds (healthy)
.CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
127600dd1173 splunkdlt/ethlogger:latest "ethlogger" 53 seconds ago Up 51 seconds (healthy) ethlogger
88dfcee683c4 splunk/splunk:latest "/sbin/entrypoint.sh…" 53 seconds ago Up 52 seconds (healthy) 8065/tcp, 8088-8089/tcp, 8191/tcp, 9887/tcp, 9997/tcp, 0.0.0.0:18000->8000/tcp splunk
111b0c6d6072 hyperledger/besu:1.4.4 "besu" 53 seconds ago Up 52 seconds (healthy) 8545-8547/tcp, 30303/tcp besu