{"id":19286814,"url":"https://github.com/cuyu/splunk-log-handler","last_synced_at":"2025-02-23T23:16:22.954Z","repository":{"id":57470190,"uuid":"180952057","full_name":"cuyu/splunk-log-handler","owner":"cuyu","description":"Output logs to a splunk automatically by splunk-log-handler","archived":false,"fork":false,"pushed_at":"2019-04-12T07:46:33.000Z","size":9,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-19T09:21:16.035Z","etag":null,"topics":["logging","splunk"],"latest_commit_sha":null,"homepage":"https://github.com/cuyu/splunk-log-handler","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cuyu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-04-12T07:14:22.000Z","updated_at":"2019-04-12T07:47:34.000Z","dependencies_parsed_at":"2022-09-19T10:21:36.273Z","dependency_job_id":null,"html_url":"https://github.com/cuyu/splunk-log-handler","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cuyu%2Fsplunk-log-handler","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cuyu%2Fsplunk-log-handler/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cuyu%2Fsplunk-log-handler/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cuyu%2Fsplunk-log-handler/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cuyu","download_url":"https://codeload.github.com/cuyu/splunk-log-handler/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240390711,"owners_count":19793782,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["logging","splunk"],"created_at":"2024-11-09T22:04:26.645Z","updated_at":"2025-02-23T23:16:22.914Z","avatar_url":"https://github.com/cuyu.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003e Output logs to a splunk automatically by **splunk-log-handler**\n\n## Feature\n\n- Support sending logs to remote splunk via multiple ways:\n  - Streaming\n  - Tcp\n  - Udp\n  - Http Event Collector\n- Sending events asynchronously, will not block main process\n- JSON format\n- Support multi-thread/multi-process\n- Python2 and Python3 are supported\n\n## Installation\n\nUse pip:\n\n```bash\npip install splunk-log-handler\n```\n\n## User guide\n\n### Splunk Stream Handler\n\nWith splunk stream handler, you can specify the target index and source of remote splunk:\n\n```python\nfrom splunk_log_handler import SplunkStreamHandler\nimport logging\n\nhandler = SplunkStreamHandler('https://my-splunk-host:8089', 'admin', 'password', index='main', source='testing', level=logging.INFO)\nlogger = logging.getLogger('demo')\nlogger.setLevel(logging.INFO)\nlogger.addHandler(handler)\nlogger.info('This log will be sent to a splunk.')\n```\n\n#### Limition\n\n1. The default interval to send events to splunk is 1min, so if you can't see the logs in splunk, maybe you should wait a few seconds.\n\n2. For now the splunk stream handler is limited to send logs to one splunk, i.e. you shuld not initialize multiple `SplunkStreamHandler` instances in your code. (If multiple handlers are initilized, only the first handler's configuration will take effect!)\n\n   \u003e *If you really want to send logs to different splunk servers, I suggest you to send to a splunk forwarder and configure that forwarder to distribute the logs to multiple splunks.*\n\n3. We use a individual thread in main process to do the sending tasks, so if the main process is crashed, the logs will no longer be sent out.\n\n   \u003e Maybe in the future, we will support to use a individual process to do the logging things and thus can avoid such problem.\n\n### Splunk Tcp Handler\n\nIf you can accept duplicate logs, splunk tcp handler will be a good choice. It is cheaper (in perf scope) than splunk stream handler and it will not expose your username and password of remote splunk.\n\n```python\nfrom splunk_log_handler import SplunkTcpHandler\nimport logging\n\nhandler = SplunkTcpHandler('my-splunk-host', 9997)\nlogger = logging.getLogger('demo')\nlogger.setLevel(logging.INFO)\nlogger.addHandler(handler)\nlogger.info('This log will be sent to a splunk.')\n```\n\n### Splunk Udp handler\n\nSimilar to splunk tcp handler, but send via UDP socket:\n\n```python\nfrom splunk_log_handler import SplunkUdpHandler\nimport logging\n\nhandler = SplunkUdpHandler('my-splunk-host', 9984)\nlogger = logging.getLogger('demo')\nlogger.setLevel(logging.INFO)\nlogger.addHandler(handler)\nlogger.info('This log will be sent to a splunk.')\n```\n\n### Splunk HEC Handler\n\nSimilar to splunk stream handler (use token instead of username, password, and note that the port in spunk_uri should be the HEC port):\n\n```python\nfrom splunk_log_handler import SplunkHecHandler\nimport logging\n\nhandler = SplunkHecHandler('https://my-splunk-host:8088', 'YOUR-TOKEN-HERE', index='main', source='testing', level=logging.INFO)\nlogger = logging.getLogger('demo')\nlogger.setLevel(logging.INFO)\nlogger.addHandler(handler)\nlogger.info('This log will be sent to a splunk.')\n```\n\n#### Limitation\n\nSame to splunk stream handler.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcuyu%2Fsplunk-log-handler","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcuyu%2Fsplunk-log-handler","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcuyu%2Fsplunk-log-handler/lists"}