Solved: Log4j Selective logging

viranis · ‎12-03-2020

I have a setup where I have configured Log4j2 within a springboot service and have setup HEC on Splunk. The setup is working brilliantly where the logs are pushed to splunk without any issues.

My question is, is there a mechanism where i can control the kinds of logs pushed via HEC ? For example, my log file prints a lot of information like queries, logged in user data, application's exception stack traces, etc. and currently everything goes to Splunk. Is there a way where I can control to push maybe just the exceptions or just the logged in user info, etc ? Is this possible ?

If not, are there any other options that I should explore ?

Appreciate in advance

viranis · ‎12-09-2020

Okay, i found a way to do this. I used RegexFilter within log4j2's SplunkHttp Appender to capture very specific logs and only those now flow to Splunk.

View solution in original post

viranis · ‎12-09-2020

Okay, i found a way to do this. I used RegexFilter within log4j2's SplunkHttp Appender to capture very specific logs and only those now flow to Splunk.

Log4j Selective logging

other

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor