-
Notifications
You must be signed in to change notification settings - Fork 47
/
Copy pathcustom_format.js
114 lines (103 loc) · 2.97 KB
/
custom_format.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
/*
* Copyright 2015 Splunk, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"): you may
* not use this file except in compliance with the License. You may obtain
* a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
/**
* This example shows how to use a custom event format for SplunkLogger.
*/
// Change to require("splunk-logging").Logger;
var SplunkLogger = require("../index").Logger;
/**
* Only the token property is required.
*/
var config = {
token: "your-token-here",
url: "https://localhost:8088"
};
// Create a new logger
var Logger = new SplunkLogger(config);
Logger.error = function(err, context) {
// Handle errors here
console.log("error", err, "context", context);
};
/**
* Override the default eventFormatter() function,
* which takes a message and severity, returning
* any type; string or object are recommended.
*
* The message parameter can be any type. It will
* be whatever was passed to Logger.send().
* Severity will always be a string.
*
* In this example, we're building up a string
* of key=value pairs if message is an object,
* otherwise the message value is as value for
* the message key.
*
* This string is prefixed with the event
* severity in square brackets.
*/
Logger.eventFormatter = function(message, severity) {
var event = "[" + severity + "]";
if (typeof message === "object") {
for (var key in message) {
event += key + "=" + message[key] + " ";
}
}
else {
event += "message=" + message;
}
return event;
};
// Define the payload to send to HTTP Event Collector
var payload = {
// Message can be anything, it doesn't have to be an object
message: {
temperature: "70F",
chickenCount: 500
},
// Metadata is optional
metadata: {
source: "chicken coop",
sourcetype: "httpevent",
index: "main",
host: "farm.local"
},
// Severity is also optional
severity: "info"
};
console.log("Sending payload", payload);
/**
* Since maxBatchCount is set to 1 by default,
* calling send will immediately send the payload.
*
* The underlying HTTP POST request is made to
*
* https://localhost:8088/services/collector/event/1.0
*
* with the following body
*
* {
* "source": "chicken coop",
* "sourcetype": "httpevent",
* "index": "main",
* "host": "farm.local",
* "event": "[info]temperature=70F chickenCount=500 "
* }
*
*/
Logger.send(payload, function(err, resp, body) {
// If successful, body will be { text: 'Success', code: 0 }
console.log("Response from Splunk", body);
});