I've been trying to configure the Lambda function splunk-cloudwatch-logs-processor from the Splunk blog article: how-to-easily-stream-aws-cloudwatch-logs-to-splunk/
But when the logs are being pushed into Splunk, the source is either the Lambda function name or lambda:undefined.
Which means all of the logs from the LogGroup are pushed into one undefinable mess. Can't tell the difference between the LogStreams within the LogGroup.
I can use the following to edit the source as "test"
But I want the source to be the logstreamname where the logs are getting pushed into Splunk. Similar to how the CloudWatch Logs input on the AWS app works.
But I've tried this and also parsed.logSteamName and various combinations of context.logStreamName /logStream/Stream etc.
Any help appreciated.
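
Added example, not part of the original post and not the Splunk blueprint's own code: a CloudWatch Logs subscription delivers `event.awslogs.data` as base64-encoded, gzip-compressed JSON whose top-level `logGroup` and `logStream` fields name the originating group and stream, while `context.logStreamName` is the Lambda function's own log stream. The function names, the sample values and the use of `logGroup` as `host` are assumptions made for illustration.

```javascript
'use strict';
const zlib = require('zlib');

// Decode the payload of a CloudWatch Logs subscription event.
function decodeAwsLogs(event) {
    if (!event || !event.awslogs || typeof event.awslogs.data !== 'string') {
        throw new Error('not a CloudWatch Logs subscription event');
    }
    const raw = Buffer.from(event.awslogs.data, 'base64');
    return JSON.parse(zlib.gunzipSync(raw).toString('utf8'));
}

// Map each log line to HEC-style event metadata, with the originating
// log stream as `source` (hypothetical helper, not the blueprint's API).
function toSplunkEvents(event, context) {
    const parsed = decodeAwsLogs(event);
    // CONTROL_MESSAGE payloads only test the subscription; they carry no log data.
    if (parsed.messageType !== 'DATA_MESSAGE') return [];
    // Fall back to the function name only if the stream name is absent.
    const source = parsed.logStream || `lambda:${context.functionName}`;
    return parsed.logEvents.map((e) => ({
        time: e.timestamp / 1000, // CloudWatch milliseconds -> epoch seconds
        host: parsed.logGroup,    // assumption: keep the group as host
        source,
        event: e.message,
    }));
}

// Constructed sample input so the example runs offline.
function buildSampleEvent(messageType = 'DATA_MESSAGE') {
    const payload = {
        messageType,
        owner: '123456789012',
        logGroup: '/constructed/app',
        logStream: 'app-server-1/constructed-stream',
        subscriptionFilters: ['constructed-filter'],
        logEvents: [
            { id: '1', timestamp: 1500000000000, message: 'login ok user=alice' },
            { id: '2', timestamp: 1500000001500, message: 'login failed user=bob' },
        ],
    };
    const data = zlib.gzipSync(Buffer.from(JSON.stringify(payload))).toString('base64');
    return { awslogs: { data } };
}

console.log(toSplunkEvents(buildSampleEvent(), { functionName: 'example-fn' }));
```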