A Python logging handler that sends logs to Splunk using the HTTP Event Collector (HEC)
# Features
1. Log messages to Splunk via HTTP Event Collector (HEC). See [Splunk HEC Documentation](http://docs.splunk.com/Documentation/Splunk/latest/Data/AboutHEC)
2. All messages are logged as '_json' sourcetype by default.
3. For logging records of type string, a dictionary with 'log_level' and 'message' keys is constructed.
![String log record representation in Splunk](https://github.com/vavarachen/splunk_http_handler/blob/master/resources/str_record.png)
4. Dictionary objects are preserved as JSON.
![Dictionary log record representation in Splunk](https://github.com/vavarachen/splunk_http_handler/blob/master/resources/dict_record.png)
5. If the log record (dict) does not contain a '_time' field, one is added with the value set to the current time.
# Examples
## Basic
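```
from splunk_http_handler import SplunkHecHandler
import logging

# Placeholders: replace with your HEC endpoint host and HEC token
host = 'splunk.example.com'
token = 'YOUR-HEC-TOKEN'

log = logging.getLogger('')
log.addHandler(SplunkHecHandler(host, token))
log.setLevel('INFO')
log.info("Testing")
```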
You should see the log message in your Splunk search.
## HTTPS Example
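Additional parameters can be passed to specify the port, the protocol, and SSL certificate verification. Use `protocol='https'` with `ssl_verify=True` so that the HEC token and the log data travel over a TLS connection whose certificate is verified.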
```
log.addHandler(SplunkHecHandler(host, token, port=8080, protocol='https', ssl_verify=True))
```
## Metadata Override
To override source, sourcetype and hostname:
```
log.addHandler(SplunkHecHandler(
    host, token, port=8080, protocol='https', ssl_verify=True,
    source='custom_source_string', sourcetype='valid_sourcetype', hostname='hostname_override'
))
```
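The record shaping listed under Features, combined with the metadata overrides above, can be sketched without a Splunk instance. This is an added example, not the project's own code: `build_hec_event` and its `now` parameter are hypothetical names, the outer `event`/`source`/`sourcetype`/`host` envelope follows Splunk's documented HEC JSON format, and adding '_time' to string records as well as dict records is an assumption.

```python
import json
import logging
import time


def build_hec_event(record, source=None, sourcetype="_json", hostname=None, now=None):
    """Shape a logging.LogRecord into an HEC JSON body (illustrative sketch)."""
    if isinstance(record.msg, dict):
        # Feature 4: dictionaries are preserved as JSON (copied, caller's dict untouched).
        event = dict(record.msg)
    else:
        # Feature 3: strings become {'log_level': ..., 'message': ...}.
        event = {"log_level": record.levelname, "message": record.getMessage()}
    # Feature 5: add '_time' only when the record does not already carry one.
    # Assumption: applied to string-derived records too.
    event.setdefault("_time", time.time() if now is None else now)

    # Feature 2: '_json' sourcetype unless overridden.
    payload = {"event": event, "sourcetype": sourcetype}
    if source:
        payload["source"] = source
    if hostname:
        payload["host"] = hostname
    # default=str keeps non-JSON values (datetimes, exceptions) from raising.
    return json.dumps(payload, default=str)


def demo():
    """Run two constructed records through the shaping step."""
    text = logging.makeLogRecord({"msg": "login failed", "levelname": "WARNING"})
    data = logging.makeLogRecord({"msg": {"user": "alice", "action": "login", "_time": 1700000000}})
    return [
        build_hec_event(text, now=1700000100.0),
        build_hec_event(data, source="custom_source_string", hostname="hostname_override"),
    ]


if __name__ == "__main__":
    for body in demo():
        print(body)
```

Because dict records are forwarded as-is, anything placed in them (credentials, session identifiers) is indexed verbatim in Splunk, so strip such fields before logging.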
Hashes for splunk_hec_handler-1.0.1-py3-none-any.whl

Algorithm | Hash digest
---|---
SHA256 | 61f23a7790c27256c13b7dee3152359b7a7d47eff4d3e0e57c028b970cab3d62
MD5 | d9aee5a08fab697e6dcdfc18b6a1a272
BLAKE2b-256 | 6298eb2d616aa4339825adb19ba46f2a95b6adcf63fe6e7169eed67bfc08d5d3