Splunk Demo For Hyperledger Besu
Hyperledger Besu is an Enterprise mainnet-compatible Ethereum client.
In this demo, we showcase how all this information can be used when syncing to the network.
The demo uses a set of working prototype Splunk applications.
Hyperledger Besu reports a wide array of metrics using the Prometheus or the OpenTelemetry frameworks.
Splunk can interpret those metrics and render them live in the analytics workspace and integrate them with dashboards.
Besu offers internal metrics showing the state of the client, from its memory use to the discovery of peers, its synchronization state and its highest block number.
Besu instruments all incoming JSON-RPC calls through tracing, reporting all interactions and the JSON-RPC method called. We also instrument critical processes such as the block processing time.
Our team has contributed a complete tutorial to the Hyperledger Besu official documentation for your reference. Feedback welcome!
All this rich data is collected and analyzed by Splunk. Here is a typical transaction representing a token transfer on the Goerli network:
Don’t have a Besu node? No problem! Ethlogger can also interface with Infura and XDai (see this simple docker-compose example!).
Here is an example of configuration pointing Besu to log to Splunk directly, using environment variables:
LOGGER=Splunk \SPLUNK_URL=https://localhost:8088 \SPLUNK_TOKEN=11111111-1111-1111-1111-1111111111113 \SPLUNK_SKIPTLSVERIFY=true \besu \--network=dev \--miner-coinbase=0xfe3b557e8fb62b89f4916b721be55ceb828dbd73 \--miner-enabled \--logging=trace
LOGGER=Splunk configures Besu to log directly to Splunk.
SPLUNK_SKIPTLSVERIFY are used to configure the HEC connection.
Syncing to Chain
This integration enables deep insights critical to Besu developers. During the initial sync, the client is tasked with peering with other participants and sync its data to match the blockchain. This benchmark is crucial when introducing breaking changes, such as the adoption of EIP-1559 constructs or Bonsai trees to represent transactions, or mundane, yet critical networking features such as exposing richer discovery information as exposed in EIP-868.
Here, Splunk offers a comprehensive view that combines all forms of data to understand better where time is spent and what factors into the quickest sync. Peering effectively seems extremely important, and we witness that block processing time is mostly constant through the sync.