Skip to content

Splunk

Stack9-core uses pino (low overhead NodeJs logger) and the stream pino-splunk-logger to pump logs/events into Splunk.

Environment Variables

In order to send logs to Splunk you must set the following environment variables:

LOG_ADAPTOR=splunk
LOG_SERVER_URI=<splunk-endpoint> // must be in the form https://<host>:8088
LOG_SERVER_API_KEY=<splunk-token>

Follow the instructions here​ to create a splunk token. Optional fields and input settings can be left as default.

References

CLIENT_APP_VERSION - The application version

ENVIRONMENT_TYPE - The environment type

Logging bootstrap

Set the entrypoint of the docker container to docker-bootstrap.sh

To disable seq logs use docker-bootstrap-noseq.sh

Logging the webserver

Set the entrypoint of the docker container to docker-run.sh

To disable seq logs use docker-run-noseq.sh

More info: