Hi,
I want to log a field, in this case the app version of an application to splunk. The application runs in cloud foundry. The app version is available as an env variable.
I am using the HttpEventCollectorLogbackAppender (HECLogbackAppender)

First try: When I extend the HttpEventCollectorLogbackAppender class and add a variable appVersion, just like the other fields sourcetype, source, and so on, that doesn't work, it's not inside the json that's being sent to Splunk.

Second try: When I add the app_version with

MDC.put("app_version", my_app_version_from_env_var) 

(google for "logback MDC" for more information on MDC)
the app_version gets logged in the properties field of the json when the app starts, so all the Spring-related stuff that gets logged when a Spring application starts, contains "properties":{"app_version":"1.13"} in the json.
But after a few logs, the properties field does not appear anymore, and so doesn't the app_version.
Can someone help?

Regards