nodejs SplunkLogger - json message is not parsed

ngoodrich · ‎12-19-2018

I am using the manual batching example from the docs.

I am sending the following data to the logger.send function:

const obj = {
      oid: 'bluesun',
      tid: 'transaction_id',
      type: 'error',
      msg: 'I broke something bad'
    }

this.logger.send({
      message: obj,
      metadata: {
        source: 'awsBot',
        sourcetype: 'event-bus'
      },
      severity: 'error'
})

However, none of the fields in the json object appear to be parsed when coming into splunk.

This index is shared by other services that are logging in other formats so we can't override the entire index to expect json formatted messages, but is there a way to force these messages from this source to be parsed as json?

rohan05 · ‎06-10-2024

I am facing the same issue. Not able to see any of the data in splunk. Did you find the solution to get the data?

Please let me know how to resolve this issue.

ngoodrich · ‎12-20-2018

@sdchakraborty That did not work.

sdchakraborty · ‎12-19-2018

Hi,

will it be possible for you to make the sourcetype "_json"? That cloud resolve your issue.

Sid

nodejs SplunkLogger - json message is not parsed

Application management with Targeted Application Install for Victoria Experience

Index This | What goes up and never comes down?

Splunkers, Pack Your Bags: Why Cisco Live EMEA is Your Next Big Destination

Join the Conversation

nodejs SplunkLogger - json message is not parsed

Application management with Targeted Application Install for Victoria Experience

Index This | What goes up and never comes down?

Splunkers, Pack Your Bags: Why Cisco Live EMEA is Your Next Big Destination