Integrate telegraf not working as expected

StefanW · ‎02-02-2021

Hello,

i read hundreds of articels, but its not working well. i try to gather data through telegraf from my snmp devices or other linux devices.

First i install on a linux device telegraf 1.17. Create a simple input file

[[inputs.diskio]]

and a file output

[[outputs.file]]
  ## Files to write to, "stdout" is a specially handled file.
 files = ["stdout", "/var/snmplog/metrics.out"]
 data_format = "splunkmetric"
 splunkmetric_hec_routing = false

On the universal forwarder where my telegraf is running on, i create a inputs.conf stanza for the metrics.out file

[monitor:///var/snmplog/*.out]
disabled = false
index = telegraf
sourcetype = telegraf

and in my company app a props.conf stanza for the sourcetype telegraf

[telegraf]
category = Metrics
description = Telegraf Metrics
pulldown_type = 1
DATETIME_CONFIG =
NO_BINARY_CHECK = true
SHOULD_LINEMERGE = true
disabled = false
INDEXED_EXTRACTIONS = json
KV_MODE = none
TIMESTAMP_FIELDS = time
TIME_FORMAT = %s.%3N
LINE_BREAKER = ([\r\n]+)

I tried to create the index "telegraf" as event index and also as "metrics" index. What is the right type of index for telegraf sending as splunkmetrics?

Running with metrics index type i dont see any events.

Running with event type index, i see events, but no fields are extracted and i have a big event with hundreds of values.

{"_value":103672,"metric_name":"diskio.weighted_io_time","name":"loop2","time":1612282330}{"_value":0,"metric_name":"diskio.writes","name":"loop2","time":1612282330}{"_value":47713280,"metric_name":"diskio.read_bytes","name":"loop2","time":1612282330}{"_value":0,"metric_name":"diskio.write_bytes","name":"loop2","time":1612282330}{"_value":114060,"metric_name":"diskio.read_time","name":"loop2","time":1612282330}{"_value":0,"metric_name":"diskio.write_time","name":"loop2","time":1612282330}{"_value":3872,"metric_name":"diskio.io_time","name":"loop2","time":1612282330}{"_value":39751,"metric_name":"diskio.reads","name":"loop2","time":1612282330}{"_value":0,"metric_name":"diskio.iops_in_progress","name":"loop2","time":1612282330}{"_value":0,"metric_name":"diskio.merged_reads","name":"loop2","time":1612282330}{"_value":0,"metric_name":"diskio.merged_writes","name":"loop2","time":1612282330}{"_value":0,"metric_name":"diskio.writes","name":"loop3","time":1612282330}{"_value":0,"metric_name":"diskio.write_bytes","name":"loop3","time":1612282330}{"_value":0,"metric_name":"diskio.write_time","name":"loop3","time":1612282330}{"_value":0,"metric_name":"diskio.io_time","name":"loop3","time":1612282330}{"_value":0,"metric_name":"diskio.merged_reads","name":"loop3","time":1612282330}{"_value":0,"metric_name":"diskio.merged_writes","name":"loop3","time":1612282330}{"_value":20,"metric_name":"diskio.reads","name":"loop3","time":1612282330}{"_value":32768,"metric_name":"diskio.read_bytes","name":"loop3","time":1612282330}{"_value":0,"metric_name":"diskio.read_time","name":"loop3","time":1612282330}{"_value":0,"metric_name":"diskio.weighted_io_time","name":"loop3","time":1612282330}{"_value":0,"metric_name":"diskio.iops_in_progress","name":"loop3","time":1612282330}{"_value":13287963,"metric_name":"diskio.reads","name":"sda","time":1612282330}{"_value":26131311,"metric_name":"diskio.writes","name":"sda","time":1612282330}{"_value":315109941248,"metric_name":"diskio.read_bytes","name":"sda","time":1612282330}{"_value":636415049728,"metric_name":"diskio.write_bytes","name":"sda","time":1612282330}{"_value":53542148,"metric_name":"diskio.write_time","name":"sda","time":1612282330}{"_value":0,"metric_name":"diskio.iops_in_progress","name":"sda","time":1612282330}{"_value":83744736,"metric_name":"diskio.read_time","name":"sda","time":1612282330}{"_value":30181608,"metric_name":"diskio.io_time","name":"sda","time":1612282330}{"_value":137261312,"metric_name":"diskio.weighted_io_time","name":"sda","time":1612282330}{"_value":142855,"metric_name":"diskio.merged_reads","name":"sda","time":1612282330}{"_value":36168488,"metric_name":"diskio.merged_writes","name":"sda","time":1612282330}{"_value":0,"metric_name":"diskio.iops_in_progress","name":"sda1","time":1612282330}{"_value":0,"metric_name":"diskio.writes","name":"sda1","time":1612282330}{"_value":48879616,"metric_name":"diskio.read_bytes","name":"sda1","time":1612282330}{"_value":3652,"metric_name":"diskio.read_time","name":"sda1","time":1612282330}{"_value":0,"metric_name":"diskio.write_time","name":"sda1","time":1612282330}{"_value":3652,"metric_name":"diskio.weighted_io_time","name":"sda1","time":1612282330}{"_value":1743,"metric_name":"diskio.reads","name":"sda1","time":1612282330}{"_value":0,"metric_name":"diskio.write_bytes","name":"sda1","time":1612282330}{"_value":3652,"metric_name":"diskio.io_time","name":"sda1","time":1612282330}{"_value":0,"metric_name":"diskio.merged_reads","name":"sda1","time":1612282330}{"_value":0,"metric_name":"diskio.merged_writes","name":"sda1","time":1612282330}{"_value":636415049728,"metric_name":"diskio.write_bytes","name":"sda2","time":1612282330}{"_value":53542148,"metric_name":"diskio.write_time","name":"sda2","time":1612282330}{"_value":30176468,"metric_name":"diskio.io_time","name":"sda2","time":1612282330}{"_value":0,"metric_name":"diskio.iops_in_progress","name":"sda2","time":1612282330}{"_value":142855,"metric_name":"diskio.merged_reads","name":"sda2","time":1612282330}{"_value":36168488,"metric_name":"diskio.merged_writes","name":"sda2","time":1612282330}{"_value":13282111,"metric_name":"diskio.reads","name":"sda2","time":1612282330}{"_value":314988112896,"metric_name":"diskio.read_bytes","name":"sda2","time":1612282330}{"_value":83727040,"metric_name":"diskio.read_time","name":"sda2","time":1612282330}{"_value":137243956,"metric_name":"diskio.weighted_io_time","name":"sda2","time":1612282330}{"_value":26131311,"metric_name":"diskio.writes","name":"sda2","time":1612282330}{"_value":0,"metric_name":"diskio.merged_writes","name":"loop0","time":1612282330}{"_value":0,"metric_name":"diskio.write_bytes","name":"loop0","time":1612282330}{"_value":0,"metric_name":"diskio.merged_reads","name":"loop0","time":1612282330}{"_value":17583104,"metric_name":"diskio.read_bytes","name":"loop0","time":1612282330}{"_value":42544,"metric_name":"diskio.read_time","name":"loop0","time":1612282330}{"_value":0,"metric_name":"diskio.write_time","name":"loop0","time":1612282330}{"_value":1432,"metric_name":"diskio.io_time","name":"loop0","time":1612282330}{"_value":36456,"metric_name":"diskio.weighted_io_time","name":"loop0","time":1612282330}{"_value":0,"metric_name":"diskio.iops_in_progress","name":"loop0","time":1612282330}{"_value":12320,"metric_name":"diskio.reads","name":"loop0","time":1612282330}{"_value":0,"metric_name":"diskio.writes","name":"loop0","time":1612282330}{"_value":0,"metric_name":"diskio.write_bytes","name":"loop1","time":1612282330}{"_value":162976,"metric_name":"diskio.read_time","name":"loop1","time":1612282330}{"_value":0,"metric_name":"diskio.iops_in_progress","name":"loop1","time":1612282330}{"_value":0,"metric_name":"diskio.merged_reads","name":"loop1","time":1612282330}{"_value":0,"metric_name":"diskio.writes","name":"loop1","time":1612282330}{"_value":36114432,"metric_name":"diskio.read_bytes","name":"loop1","time":1612282330}{"_value":5880,"metric_name":"diskio.io_time","name":"loop1","time":1612282330}{"_value":139632,"metric_name":"diskio.weighted_io_time","name":"loop1","time":1612282330}{"_value":0,"metric_name":"diskio.merged_writes","name":"loop1","time":1612282330}{"_value":26595,"metric_name":"diskio.reads","name":"loop1","time":1612282330}{"_value":0,"metric_name":"diskio.write_time","name":"loop1","time":1612282330}

What goes wrong? What is missing? Can someone help me?

Thanks

best regards

Stefan

Integrate telegraf not working as expected

configuration

Modern way of developing distributed application using OTel

Enterprise Security Content Update (ESCU) | New Releases

Archived Metrics Now Available for APAC and EMEA realms