Closed ecowden closed 8 years ago
Hi @ecowden
Sorry you are having issues.
By default we sent in the format that you are seeing, with your custom payload under "message". You can however provide a custom formatter in a few lines of code to send in your own custom format and have complete control. If you look at this test you will see how you can do it, basically you override the eventFormatter function.
Let me know if you have any questions!
Ahh, now I see what that formatter does...
In case anyone else stumbles across this, I got this working by using a formatter like:
splunkLogger.eventFormatter = function (message, severity) {
return message
}
...and passing in the event I want under message
, like:
const event = {
message: "logging message goes here",
app: "some miscellaneous metadata",
moreMetadata: "actually, there's lots of metadata for the event",
severity: "info"
}
splunkLogger.send({ message: event }, err => {
// ...
})
Thanks!
👍
I'm probably just using this library wrong, but I can't seem to send the event I want to send to the HTTP event collector.
I want to send a logging event with an
event
attribute including both a message and metadata like,I've tried several ways to interact with the
Logger.send(...)
method without success. First:The event that makes it into splunk is just the "message" and "severity" fields. I can confirm that the request sent from the library, splunklogger.js:459, is missing the extra metadata fields:
... and the result in Splunk:
I've also tried putting the metadata under,
metadata
, but that seems to be reserved forsource
,sourcetype
,index
andhost
.I've also tried putting all the the info under an additional
message
attribute:...and while it does come through...
...we don't want those fields to be
message.message
ormessage.app
, we really want it at the top level.I can create and POST the event I want directly to the endpoint and it works as expected. Is there any way to do it with this library?