Live Workshop: Integrate Google SecOps with Bindplane - Join Us on January 29th at 11 AM ET!Sign Up Now

Using Splunk OTEL Collector with BindPlane OP

BindPlane OP and the BindPlane Agent can be used to collect data from your Splunk OTel Collectors. This allows you to start taking advantage of BindPlane OP without the need to re-instrument your collectors at the edge.

Step 1: Deploy a BindPlane Agent as a Gateway

This is the agent you will be routing data through and is what will be managed by BindPlane OP. In a production environment, this is likely to be a fleet of agents behind a load balancer. See our Collector Sizing and Scaling docs for more details on determining your collector architecture.

Step 2: Build the Configuration

  1. Create a new configuration
  2. Add the OTLP Source.
observIQ docs - OpenTelemetry (OTLP) - image 1
  1. Add a destination of your choice and configure it.

Step 3: Configure your Splunk OTel Collectors to forward to BindPlane Agent

Modify your Splunk OTel Collector configuration to use an otlp exporter. The exporter has many configuration options, see the readme for details.

Below is a minimalist configuration example. Replace bindplane-gateway with the hostname or IP address of your BindPlane agent.

yaml
1exporters:
2  otlp:
3    endpoint: bindplane-gateway:4317

Update your pipelines to include the new exporter. This example assumes you have a traces, metrics, and logs pipeline. Your configuration may differ.

yaml
1service:
2  pipelines:
3    traces:
4      exporters:
5      - otlp
6    metrics:
7      exporters:
8      - otlp
9    logs:
10      exporters:
11      - otlp