Splunk Logging integration for Django
Project description
# Django-Splunk-Logging
## About
Django-Splunk-Logging implements a singleton data format and pipes your events into splunk enterprise by utilizing the HTTP Event Collector.
### SplunkEvent Example
```
def update_name_api(request):
user = request.user
user.name = request.GET['name']
user.save()
from django_splunk_logging import SplunkEvent
SplunkEvent(key="User_event",
request=request,
name="name_change",
obj=user,
user=user)
return "Success!"
```
This will send an event into splunk with the sourcetype 'User_event':
```
{
auth: true,
user: 303,
event: name_change,
eventData: {
name:"NEW NAME",
email:"USER@MAIL.COM"
**other user model data**
},
request: {
GET: {
api_key: xxxxxxxxxxxxxxxxxxxxxx
},
POST: {
name: "NEW NAME"
},
META: {
CLIENT: iPhone,
HTTP_HOST: website.com,
HTTP_REFERER: null,
HTTP_USER_AGENT: iPhone; iOS 9.2.1; Scale/2.00,
HTTP_X_FORWARDED_FOR: 70.196.185.31
}
host: website.com,
method: POST,
path: /auth/profile/?api_key=xxxxxxxxxxxxxxxxxxxxxx
}
}
```
### Logging Example
Also contained is a logging handler that you can set up in your django settings to insert logging messages that are raised throughout your application.
```
def api_function(request):
if request.GET.get('special', None):
logging.info("Special function is firing!")
...
```
This will out throw an event into splunk with the sourcetype 'server_log':
```
{
auth: true
event: INFO
eventData: {
line: 539
message: "Special function is firing!"
method: api_function
module: the_api_module
path: /path/to/the_api_module.py
}
request: {
GET: {
special: true,
api_key: xxxxxxxxxxxxxxxxxxxxx
}
META: {
...
}
Version: 1.0.14
host: website.com
method: GET
path: /api/function/?api_key=xxxxxxxxxxxxxxxxxxxxx
}
user: 303
}
```
### Exception example
This handler also works with raising an exception:
```
class InvalidParameter(Exception):
http_response_code = 400
def __init__(self, message=None, **kwargs):
super(InvalidParameter, self).__init__(message)
def location(request):
if not request.GET.get('lat', None) and request.GET.get('lng', None):
raise InvalidParameter("Must supply lat and lng")
```
Will send data to splunk as well:
```
{
auth: false
event: ERROR
eventData: {
line: 322
message: Must supply lat and lng
method: location
module: location_api
path: /path/to/location_api.py
response_code: 400
traceback: Traceback (most recent call last):
File "/home/ubuntu/beta/production/ridescout/api/decorators.py", line 150, in wrapper
api_results = f(*args, **kwargs)
File "/home/ubuntu/beta/production/ridescout/sdk/api.py", line 322, in sync
platform))
InvalidParameterError: No app org.trimet.mt.mobiletickets for android
}
request: {
GET: {
api_key: xxxxxxxxxxxxxxxxx
lat: 0.0
}
META: { [-]
CLIENT: android
HTTP_HOST: website.com
HTTP_REFERER: null
HTTP_USER_AGENT: okhttp/2.5.0
HTTP_X_FORWARDED_FOR: 24.163.101.232
}
Version: 1.0.14
host: website.com
method: GET
path: /location/?lat=0.0&api_key=xxxxxxxxxxxxxxxxx
}
user: null
}
```
## Installation
Run `pip install django-splunk-logging`
Add `splunk` to `INSTALLED_APPS` in your django settings
```
INSTALLED_APPS = (
...
'django_splunk_logging',
)
```
In your django settings:
```
...
LOGGING = {
'handlers': {
'console': {
'class': 'logging.StreamHandler',
},
'splunk':{
'class':'django_splunk_logging.SplunkHandler'
},
}
'loggers':{
'django':{
'handlers': ['console','splunk',],
'propagate':False,
},
}
}
##
# Django-Splunk-Logging
##
# Enable or disable Splunk Logs
SPLUNK_LOGS = False
# Generic fallback auth key for unassigned keys
SPLUNK_DEFAULT_TOKEN = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx"
# Registered Auth keys with your splunk event collector
SPLUNK_TOKENS = {
"server_log":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx",
"user_event":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx",
"my_special_event":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx",
}
# Splunk Event Collector has enabled HTTPS
SPLUNK_HTTPS = False
# Splunk Server Address
SPLUNK_ADDRESS = "12.345.67.891"
# Event Collector Port (default: 8088)
SPLUNK_EVENT_COLLECTOR_PORT = "8088"
# Enable threading on event sending
SPLUNK_THREAD_EVENTS = True
```
Optionally, you can specify `VERSION` in settings to add to the splunk data
## About
Django-Splunk-Logging implements a singleton data format and pipes your events into splunk enterprise by utilizing the HTTP Event Collector.
### SplunkEvent Example
```
def update_name_api(request):
user = request.user
user.name = request.GET['name']
user.save()
from django_splunk_logging import SplunkEvent
SplunkEvent(key="User_event",
request=request,
name="name_change",
obj=user,
user=user)
return "Success!"
```
This will send an event into splunk with the sourcetype 'User_event':
```
{
auth: true,
user: 303,
event: name_change,
eventData: {
name:"NEW NAME",
email:"USER@MAIL.COM"
**other user model data**
},
request: {
GET: {
api_key: xxxxxxxxxxxxxxxxxxxxxx
},
POST: {
name: "NEW NAME"
},
META: {
CLIENT: iPhone,
HTTP_HOST: website.com,
HTTP_REFERER: null,
HTTP_USER_AGENT: iPhone; iOS 9.2.1; Scale/2.00,
HTTP_X_FORWARDED_FOR: 70.196.185.31
}
host: website.com,
method: POST,
path: /auth/profile/?api_key=xxxxxxxxxxxxxxxxxxxxxx
}
}
```
### Logging Example
Also contained is a logging handler that you can set up in your django settings to insert logging messages that are raised throughout your application.
```
def api_function(request):
if request.GET.get('special', None):
logging.info("Special function is firing!")
...
```
This will out throw an event into splunk with the sourcetype 'server_log':
```
{
auth: true
event: INFO
eventData: {
line: 539
message: "Special function is firing!"
method: api_function
module: the_api_module
path: /path/to/the_api_module.py
}
request: {
GET: {
special: true,
api_key: xxxxxxxxxxxxxxxxxxxxx
}
META: {
...
}
Version: 1.0.14
host: website.com
method: GET
path: /api/function/?api_key=xxxxxxxxxxxxxxxxxxxxx
}
user: 303
}
```
### Exception example
This handler also works with raising an exception:
```
class InvalidParameter(Exception):
http_response_code = 400
def __init__(self, message=None, **kwargs):
super(InvalidParameter, self).__init__(message)
def location(request):
if not request.GET.get('lat', None) and request.GET.get('lng', None):
raise InvalidParameter("Must supply lat and lng")
```
Will send data to splunk as well:
```
{
auth: false
event: ERROR
eventData: {
line: 322
message: Must supply lat and lng
method: location
module: location_api
path: /path/to/location_api.py
response_code: 400
traceback: Traceback (most recent call last):
File "/home/ubuntu/beta/production/ridescout/api/decorators.py", line 150, in wrapper
api_results = f(*args, **kwargs)
File "/home/ubuntu/beta/production/ridescout/sdk/api.py", line 322, in sync
platform))
InvalidParameterError: No app org.trimet.mt.mobiletickets for android
}
request: {
GET: {
api_key: xxxxxxxxxxxxxxxxx
lat: 0.0
}
META: { [-]
CLIENT: android
HTTP_HOST: website.com
HTTP_REFERER: null
HTTP_USER_AGENT: okhttp/2.5.0
HTTP_X_FORWARDED_FOR: 24.163.101.232
}
Version: 1.0.14
host: website.com
method: GET
path: /location/?lat=0.0&api_key=xxxxxxxxxxxxxxxxx
}
user: null
}
```
## Installation
Run `pip install django-splunk-logging`
Add `splunk` to `INSTALLED_APPS` in your django settings
```
INSTALLED_APPS = (
...
'django_splunk_logging',
)
```
In your django settings:
```
...
LOGGING = {
'handlers': {
'console': {
'class': 'logging.StreamHandler',
},
'splunk':{
'class':'django_splunk_logging.SplunkHandler'
},
}
'loggers':{
'django':{
'handlers': ['console','splunk',],
'propagate':False,
},
}
}
##
# Django-Splunk-Logging
##
# Enable or disable Splunk Logs
SPLUNK_LOGS = False
# Generic fallback auth key for unassigned keys
SPLUNK_DEFAULT_TOKEN = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx"
# Registered Auth keys with your splunk event collector
SPLUNK_TOKENS = {
"server_log":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx",
"user_event":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx",
"my_special_event":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx",
}
# Splunk Event Collector has enabled HTTPS
SPLUNK_HTTPS = False
# Splunk Server Address
SPLUNK_ADDRESS = "12.345.67.891"
# Event Collector Port (default: 8088)
SPLUNK_EVENT_COLLECTOR_PORT = "8088"
# Enable threading on event sending
SPLUNK_THREAD_EVENTS = True
```
Optionally, you can specify `VERSION` in settings to add to the splunk data
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for django_splunk_logging-1.0.1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | bdaa2c243eeb78d8c46a01b55d42f762bac72a969af9f1c5cca665f0d6df2dd2 |
|
MD5 | bace9810d6da92e8cabb2467b97be1c7 |
|
BLAKE2b-256 | 6bcf473122cca8b3d5bf95e2a1fd89d894ae6ac880e34db56455fbecf0cfa1f1 |