Building for the Splunk Platform

How to best send our Java app's logs to Splunk?

janicki
New Member

Our Java app, developed in-house, has easily-parsed logs. I'd like to get them into Splunk real-time, and in an elegant way. (Nicer than Splunk tailing log files?) I can edit our Java app to do whatever is best for this purpose. What do you suggest?

DISCLAIMER: I am not familiar with Splunk, so I don't know how its pieces fit together!! Forwarder? App? REST? Java API? Java Bridge? What?! (However, I have seen Splunk's nice recommendations for log formatting.)

If someone could please summarize an approach, I'll research the details. I'd really appreciate your advice so I don't have to study the entire Splunk universe to make this development direction choice. Thanks!!!

0 Karma

janicki
New Member

FYI, (for others who find this question) I found this nice short video that shows a Java example of pushing events: http://www.splunk.com/view/SP-CAAAHHJ

0 Karma

ddrillic
Ultra Champion

The following speaks to that - Logging best practices

It shows the options -

alt text

0 Karma

janicki
New Member

Thanks! Although those seem to be methods for Splunk to PULL logs from an app... I was trying to PUSH. Our app creates lots of events that's aren't kept in memory very long, so PULL could be a problem.

0 Karma

ddrillic
Ultra Champion

Got it. In order to push data in you can look at REST API to push data into Splunk

alt text

The latest reference is Input endpoint descriptions

0 Karma

somesoni2
Revered Legend
0 Karma

janicki
New Member

Thanks, that's great!

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Updates (ESCU) - New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 3 releases of new content via the Enterprise ...

Thought Leaders are Validating Your Hard Work and Training Rigor

As a Splunk enthusiast and member of the Splunk Community, you are one of thousands who recognize the value of ...

.conf23 Registration is Now Open!

Time to toss the .conf-etti 🎉 —  .conf23 registration is open!   Join us in Las Vegas July 17-20 for ...