Skip to content

Streaming Logs to Splunk

Jump to bottom Edit New page
dcampillo edited this page Dec 27, 2013 · 2 revisions

A simple sample to generate a "three fields" log and send it to Splunk over TCP

This sample require a "TCP Data Input". More info at Send data (including syslog) over a TCP/UDP port

 EventFactory _e = new EventFactory("LogGeneratorSample", true);

 // Setup event factory with three fields
 _e.Fields.Add(new EventFieldDefinition("message", false));
 _e.Fields.Add(new EventFieldDefinition("level", false));
 _e.Fields.Add(new EventFieldDefinition("status", true));

 // Create a new event
 Event _ev = _e.NewEvent();

 // Fill the newly created event
 _ev["message"].Value = "This is a sample message";
 _ev["level"].Value = "verbose";
 _ev["status"].Value = "OK";

 // Open TCP Connection to flush log to splunk
 TcpClient _t = new TcpClient([SERVER], [PORT]);

 // Instantiate a StreamWriter to write to the stream
 StreamWriter _sw = new StreamWriter(_t.GetStream());
 
 // Flush events as string
 _sw.Write(_e.Flush());

 // CleanUp
 _sw.Flush();
 _sw.Close();
Add a custom footer
Add a custom sidebar

Clone this wiki locally