JFrog Log Analytics with Splunk

Monitor, Investigate, and Secure Your DevOps Flow

Many enterprises rely on JFrog Artifactory, Xray, and Splunk to speed and monitor their software production life cycle through DevOps. The unified JFrog Platform provides the flexibility and scalability demanded by today’s modern software organizations to innovate and deliver ahead of the competition. Splunk’s vital data analytics platform can help optimize operational efficiency throughout the organization.  People often think about the importance of monitoring their “production” services.  It is equally important to monitor tools like the JFrog Platform, which are critical to the management and deployment of all the other services. 

Operations teams need a way to bring disparate on-premises JFrog Platform Deployment (JPD) log data together into a single collection, to analyze performance and track down operating problems. And when even a small enterprise JPD might record millions of transaction events each day, operators need to be able to connect that data to Splunk’s powerful analytics to help find vital insights.

The integration between JFrog and Splunk makes all rich log data on data transfers, repository access, audit actions, and service errors from the JFrog Platform available for analysis within Splunk Enterprise or Splunk Cloud for visibility across the entire value stream. Together their solutions create Code-to-Cloud visibility.

Benefits of Integration

  • Gain insight into the health and efficiency of the JFrog Platform
  • Consolidate JFrog Platform log data from multiple high-availability instances
  • Visualize operational activity of Artifactory and Xray in real time
  • Identify attempts to breach security
  • Optimize performance of your delivery chain
Get the Splunk App

 

The JFrog Platform

At the heart of the JFrog Platform is JFrog Artifactory, the industry standard for universal binary repository managers. Artifactory provides end-to-end automation and management of binaries and artifacts throughout the application delivery process.

  • Improves productivity across your development pipeline
  • Ecosystem freedom with support for all major Cl/CD platforms and DevOps tools you already use
  • Supports 25+ packages such as Conan, Debian, Docker, Go, Helm, Maven, npm, NuGet, and PyPI
  • Kubernetes ready supporting containers, Docker, Helm Charts, and is your Kubernetes and Docker registry
  • Full CLI and REST APls customizable to your ecosystem

JFrog Xray is a universal software composition analysis (SCA) solution that natively integrates with Artifactory, giving DevSecOps teams an easy way to proactively identify open source vulnerabilities and license compliance violations, before they manifest in production.

  • Deep recursive scanning examines all the underlying layers and dependencies of components, even those packaged in Docker images, and zip files
  • Be confident with the most timely and comprehensive vulnerability intelligence VulnDB, plus other sources of vulnerabilities, license compliance, component versions
  • and others
  • Unprecedented visibility of your artifacts and dependencies enables Xray to provide an impact analysis of any issues discovered in your software

Splunk App for JFrog Platform Analytics

The Splunk App for JFrog Platform Log Analytics enables joint customers to ingest and analyze operations data from Artifactory and Xray components of the JFrog DevOps Platform. The app consolidates JFrog log information from all services and all running instances in high-availability installations of Artifactory and Xray, and presents a unified set of data through out-of-the-box dashboards in Splunk, for real-time monitoring and analytics of the JFrog Platform’s activity.

JFrog Platform Log Analytics Splunk App

Artifactory Log Analytics

The Splunk dashboards for JFrog Artifactory log data enable you to see, in real time, what is being accessed and when. Through the Splunk visualizations, you can readily identify request inefficiencies and audit for usage and possible service attacks.

Once installed, The Splunk app dashboard presents timeline and count data for key operating metrics:

  • Log volumes, which can be filtered by type
  • Service errors
  • HTTP response codes
  • Accessed image
  • Accessed repositories
  • Data transfers in GB for uploads/downloads
  • Top 10 IPs for upload/download
  • Audit actions by username
  • Denied actions and logins by IP and username
  • Accepted deploys by username

If you need more, you can use the unified data to build your own custom dashboard widgets in Splunk, to gain the operating insights you need.

JFrog Artifactory Log Analytics with Splunk

Xray Log Analytics

Through these Splunk dashboards, you can see the log activity and HTTP responses for the JFrog Xray server that scans the binaries in your Artifactory repositories for vulnerabilities. Displays include:

  • Log volumes, which can be filtered by type
  • Service errors
  • HTTP response codes

JFrog Xray Log Analytics with Splunk

Release Fast Or Die