Reputation: 645
Forward Flex Gateway Logs to Splunk
I have an instance of MuleSoft's Flex Gateway (v 1.2.0) installed on a Linux machine in a podman container. I am trying to forward container as well as API logs to Splunk. Below is my log.yaml file in /home/username/app folder. Not sure what I am doing wrong, but the logs are not getting forwarded to Splunk.
apiVersion: gateway.mulesoft.com/v1alpha1
kind: Configuration
metadata:
name: logging-config
spec:
logging:
outputs:
- name: default
type: splunk
parameters:
host: <instance-name>.splunkcloud.com
port: "443"
splunk_token: xxxxx-xxxxx-xxxx-xxxx
tls: "on"
tls.verify: "off"
splunk_send_raw: "on"
runtimeLogs:
logLevel: info
outputs:
- default
accessLogs:
outputs:
- default
Please advise.
Upvotes: 0
Views: 395
Answers (2)
Reputation: 645
I managed to get this work. The issue was that I had to give full permissions to the app folder using "chmod" command. After it was done, the fluent-bit.conf file had an entry for Splunk and logs started flowing.
Upvotes: 0
Reputation: 9926
The endpoint for Splunk's HTTP Event Collector (HEC) is https://http-input.<instance-name>.splunkcloud.com:443/services/collector/raw. If you're using a free trial of Splunk Cloud then change the port number to 8088. See https://docs.splunk.com/Documentation/Splunk/latest/Data/UsetheHTTPEventCollector#Send_data_to_HTTP_Event_Collector_on_Splunk_Cloud_Platform for details.
Upvotes: 1
Related Questions
- kubernetes audit log filtering with fluentd and forwarding to Splunk
- Forward syslog stream using Splunk Forwarder
- Kubernetes - In AWS EKS Fargate How Can I Send Logs From One Container To FluentD For Splunk?
- Splunk HttpEventCollectorLogbackAppender how to set source and host?
- Splunk Universal Forwarder not sending data to Indexer
- MuleSoft Log Forwarding from On-Premise to Splunk
- Forwarding logs from kubernetes to splunk
- How to forward application logs to Splunk from docker container?
- how to configure logs as data source from remote unix server in splunk
- Flex logging framework