clearwaterstream
commented
4 years ago Hi @Haddox19,
Let me take a look. I've done re-tries before, for things like transient network errors and other "flukes". I think adding re-tries for those scenarios is a good idea.
For scenarios where Splunk "is down" I'm afraid you'll need to handle on your own. In AWS, it's not uncommon to stream Splunk events into Kenesis and then Firehose them into Splunk.
I can raise an event if the short-burst retry still failed to deliver the log entry to Splunk over https, then it's your job to do whatever you wish with the failed log entry. Would that work?
Hello,
I needed the ability to set the sourcetype of our Splunk logs as well as integrate the ability for the class to retry sending the logs to Splunk if there is any kind of failure, and being able to specify how many times I want it to retry.
These were relatively easy updates however I do not know the process of making changes to these github packages and I am not familiar with Git, I use TFS.
I am using a one off version with my changes in my code but would like to share them if you think they are beneficial to others users of this package.