Class: SemanticLogger::Appender::Splunk

Inherits:
Subscriber show all
Defined in:
lib/semantic_logger/appender/splunk.rb

Overview

Splunk log appender.

Use the official splunk gem to log messages to Splunk.

Example

SemanticLogger.add_appender(
  appender: :splunk,
  username: 'username',
  password: 'password',
  host:     'localhost',
  port:     8089,
  scheme:   :https,
  index:    'main'
)

Instance Attribute Summary collapse

Attributes inherited from Subscriber

#application, #formatter, #host

Attributes inherited from Base

#filter, #name

Instance Method Summary collapse

Methods inherited from Subscriber

#close, #default_formatter, #flush, #level

Methods inherited from Base

#fast_tag, #level, #level=, #measure, #payload, #pop_tags, #push_tags, #silence, #tagged, #tags, #with_payload

Constructor Details

#initialize(options = {}, _deprecated_level = nil, &block) ⇒ Splunk

Write to Splunk.

Parameters

:username [String]
  User name to log into splunk with.
  Not required if :token has been supplied.

:password [String]
  Password to log into splunk with.
  Not required if :token has been supplied.

:token
  Supply a preauthenticated Splunk token instead of username and password.
  Not required if username and password are supplied.

:host [String]
   Splunk server host name.
   Default: 'localhost'

:port [Integer]
   The Splunk management port.
   Default: 8089

:scheme [Symbol]
  Either :https or :http
  Default: :https

:index [String]
   Splunk index to use.
   Default: 'main'

:namespace [Namespace]
   Application namespace instance.

:ssl_client_cert [OpenSSL::X509::Certificate]
  Client certificate.

:ssl_client_key [OpenSSL::PKey::RSA | OpenSSL::PKey::DSA]
  Client key.

source_type: [String]
  Optional: Source type to display in Splunk

application: [String]
  The :source forwarded to Splunk
  Default: SemanticLogger.application

host: [String]
  Name of this host to appear in log messages.
  Default: SemanticLogger.host

level: [:trace | :debug | :info | :warn | :error | :fatal]
  Override the log level for this appender.
  Default: SemanticLogger.default_level

formatter: [Object|Proc]
  An instance of a class that implements #call, or a Proc to be used to format
  the output from this appender
  Default: Use the built-in formatter (See: #call)

filter: [Regexp|Proc]
  RegExp: Only include log messages where the class name matches the supplied.
  regular expression. All other messages will be ignored.
  Proc: Only include log messages where the supplied Proc returns true
        The Proc must return true or false.


89
90
91
92
93
94
95
96
97
98
99
# File 'lib/semantic_logger/appender/splunk.rb', line 89

def initialize(options = {}, _deprecated_level = nil, &block)
  @config         = options.dup
  @config[:level] = _deprecated_level if _deprecated_level
  @index          = @config.delete(:index) || 'main'
  @source_type    = options.delete(:source_type)

  options = extract_subscriber_options!(@config)
  # Pass on the level and custom formatter if supplied
  super(options, &block)
  reopen
end

Instance Attribute Details

#configObject (readonly)

Returns the value of attribute config.



22
23
24
# File 'lib/semantic_logger/appender/splunk.rb', line 22

def config
  @config
end

#indexObject (readonly)

Returns the value of attribute index.



22
23
24
# File 'lib/semantic_logger/appender/splunk.rb', line 22

def index
  @index
end

#serviceObject (readonly)

Returns the value of attribute service.



22
23
24
# File 'lib/semantic_logger/appender/splunk.rb', line 22

def service
  @service
end

#service_indexObject (readonly)

Returns the value of attribute service_index.



22
23
24
# File 'lib/semantic_logger/appender/splunk.rb', line 22

def service_index
  @service_index
end

#source_typeObject (readonly)

Returns the value of attribute source_type.



22
23
24
# File 'lib/semantic_logger/appender/splunk.rb', line 22

def source_type
  @source_type
end

Instance Method Details

#call(log, logger) ⇒ Object

Returns [Hash] To send to Splunk For splunk format requirements see:

http://dev.splunk.com/view/event-collector/SP-CAAAE6P


122
123
124
125
126
127
128
129
130
131
132
133
134
# File 'lib/semantic_logger/appender/splunk.rb', line 122

def call(log, logger)
  h = log.to_h(nil, nil)
  h.delete(:time)
  message               = {
    source:  logger.application,
    host:    logger.host,
    time:    log.time.utc.to_f,
    message: h.delete(:message),
    event:   h
  }
  message[:source_type] = source_type if source_type
  message
end

#log(log) ⇒ Object

Log the message to Splunk



112
113
114
115
116
117
# File 'lib/semantic_logger/appender/splunk.rb', line 112

def log(log)
  return false unless should_log?(log)
  event = formatter.call(log, self)
  service_index.submit(event.delete(:message), event)
  true
end

#reopenObject

After forking an active process call #reopen to re-open open the handles to resources



103
104
105
106
107
108
109
# File 'lib/semantic_logger/appender/splunk.rb', line 103

def reopen
  # Connect to splunk. Connect is a synonym for creating a Service by hand and calling login.
  self.service       = Splunk::connect(config)

  # The index we are logging to
  self.service_index = service.indexes[index]
end