We are currently using TCP capability to index REST API logs in Splunk. We now have requirement to use UDP instead of TCP. When I select UDP capabilities under same role nothing happens.
I am keeping rest all setting (port, URL etc. ) same and adding UDP capability for the role. Do I need to make any other changes to index REST logs using UDP?
Source setting are as follows:
1.) Add slpunk Nuget Package
2.) Add a class SplunkAppender.cs
internal class SplunkAppender : log4net.Appender.AppenderSkeleton
{
…
public SplunkAppender()
{
var connectArgs = new ServiceArgs
{
//TODO: Read this from config file
Host = {splunk url},
Port = 8089
};
var service = new Service(connectArgs);
service.Login(username, password);
_receiver = new Splunk.Receiver(service);
}
protected override void Append(log4net.Core.LoggingEvent loggingEvent)
{
string data = RenderLoggingEvent(loggingEvent);
_receiver.Submit(new ReceiverSubmitArgs()
{
Index = _index,
Source = _source,
SourceType = _sourceType
}, data);
}
}
3.) Change Configuration – Add a new appender
4.) For logging to splunk end point
var logger = LogManager.GetLogger("SplunkLogger");
logger.Info("logged to splunk! GFX2Client Plugin Loaded");
... View more