Splunk Dev
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Running splunk in Google App Engine

gmcfall
Engager
‎05-16-2011 06:54 AM

We run parts of our application in Google App Engine (GAE).

Is it possible to forward logs from GAE to a remote Splunk indexer?
If so, how?

Tags (4)
Reply

Andreux
Splunk Employee
Splunk Employee
‎10-27-2011 04:59 PM

It's quite possible; looking at FirePython, it can see application logs from GAE applications. It places them into the HTTP response headers, allowing a Javascript client application to see logs from the GAE python application.

Though I haven't tried this, you could use a similar approach to send logs to the Splunk REST API data input endpoint /receivers/simple by using the GAE urlfetch API (google.appengine.api.urlfetch).

You may like to look at the FirePython middleware implementation here for more details about how to get at the log data, and the Splunk REST API documentation about how to format your HTTP requests.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security

AI is one of the biggest topics in the market today, and for security teams, its value goes far beyond the ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

[REGISTER HERE] This thread is for the Community Office Hours session on Detection Engineering Office Hours: ...