Class: SemanticLogger::Appender::Splunk

Inherits:

Subscriber

• Object
• Base
• Subscriber
• SemanticLogger::Appender::Splunk

Defined in:

lib/semantic_logger/appender/splunk.rb

Instance Attribute Summary

• #config ⇒ Object readonly

  Returns the value of attribute config.

• #index ⇒ Object readonly

  Returns the value of attribute index.

• #service ⇒ Object readonly

  Returns the value of attribute service.

• #service_index ⇒ Object readonly

  Returns the value of attribute service_index.

• #source_type ⇒ Object readonly

  Returns the value of attribute source_type.

Attributes inherited from Subscriber

#application, #environment, #formatter, #host, #logger, #metrics

Instance Method Summary

• #call(log, logger) ⇒ Object

  Returns [Hash] To send to Splunk.

• #initialize(index: "main", source_type: nil, **args) ⇒ Splunk constructor

  Write to Splunk.

• #log(log) ⇒ Object

  Log the message to Splunk.

• #reopen ⇒ Object

  After forking an active process call #reopen to re-open open the handles to resources.

Methods inherited from Subscriber

#batch_by_default?, #close, #console_output?, #console_stream, #default_formatter, #flush, #level, #should_log?

Constructor Details

#initialize(index: "main", source_type: nil, **args) ⇒ Splunk

Write to Splunk.

Parameters :username [String] User name to log into splunk with. Not required if :token has been supplied.

:password [String]
Password to log into splunk with.
Not required if :token has been supplied.

:token
Supply a preauthenticated Splunk token instead of username and password.
Not required if username and password are supplied.

:host [String]
 Splunk server host name.
 Default: 'localhost'

:port [Integer]
 The Splunk management port.
 Default: 8089

:scheme [Symbol]
Either :https or :http
Default: :https

:index [String]
 Splunk index to use.
 Default: 'main'

:namespace [Namespace]
 Application namespace instance.

:ssl_client_cert [OpenSSL::X509::Certificate]
Client certificate.

:ssl_client_key [OpenSSL::PKey::RSA | OpenSSL::PKey::DSA]
Client key.

source_type: [String]
Optional: Source type to display in Splunk

application: [String]
The :source forwarded to Splunk
Default: SemanticLogger.application

host: [String]
Name of this host to appear in log messages.
Default: SemanticLogger.host

level: [:trace | :debug | :info | :warn | :error | :fatal]
Override the log level for this appender.
Default: SemanticLogger.default_level

formatter: [Object|Proc]
An instance of a class that implements #call, or a Proc to be used to format
the output from this appender
Default: Use the built-in formatter (See: #call)

filter: [Regexp|Proc]
RegExp: Only include log messages where the class name matches the supplied.
regular expression. All other messages will be ignored.
Proc: Only include log messages where the supplied Proc returns true
      The Proc must return true or false.

# File 'lib/semantic_logger/appender/splunk.rb', line 92

def initialize(index: "main", source_type: nil, **args, &)
  @index       = index
  @source_type = source_type

  super(**args, &)
  reopen
end

Instance Attribute Details

#config ⇒ Object (readonly)

Returns the value of attribute config.

# File 'lib/semantic_logger/appender/splunk.rb', line 25

def config
  @config
end

#index ⇒ Object (readonly)

Returns the value of attribute index.

# File 'lib/semantic_logger/appender/splunk.rb', line 25

def index
  @index
end

#service ⇒ Object (readonly)

Returns the value of attribute service.

# File 'lib/semantic_logger/appender/splunk.rb', line 25

def service
  @service
end

#service_index ⇒ Object (readonly)

Returns the value of attribute service_index.

# File 'lib/semantic_logger/appender/splunk.rb', line 25

def service_index
  @service_index
end

#source_type ⇒ Object (readonly)

Returns the value of attribute source_type.

# File 'lib/semantic_logger/appender/splunk.rb', line 25

def source_type
  @source_type
end

Instance Method Details

#call(log, logger) ⇒ Object

Returns [Hash] To send to Splunk.

For splunk format requirements see:

http://dev.splunk.com/view/event-collector/SP-CAAAE6P

# File 'lib/semantic_logger/appender/splunk.rb', line 121

def call(log, logger)
  h = SemanticLogger::Formatters::Raw.new.call(log, logger)
  h.delete(:time)
  message = {
    source:  logger.application,
    host:    logger.host,
    time:    log.time.utc.to_f,
    message: h.delete(:message),
    event:   h
  }
  message[:environment] = logger.environment if logger.environment
  message[:sourcetype]  = source_type if source_type
  message
end

#log(log) ⇒ Object

Log the message to Splunk

# File 'lib/semantic_logger/appender/splunk.rb', line 111

def log(log)
  event = formatter.call(log, self)
  service_index.submit(event.delete(:message), event)
  true
end

#reopen ⇒ Object

After forking an active process call #reopen to re-open open the handles to resources

# File 'lib/semantic_logger/appender/splunk.rb', line 102

def reopen
  # Connect to splunk. Connect is a synonym for creating a Service by hand and calling login.
  @service = ::Splunk.connect(config)

  # The index we are logging to
  @service_index = service.indexes[index]
end