NLogTarget.Splunk 1.0.5

.NET Standard 2.0 This package targets .NET Standard 2.0. The package is compatible with this framework or higher.
There is a newer version of this package available.
See the version list below for details. 
dotnet add package NLogTarget.Splunk --version 1.0.5                

                    
                

            
NuGet\Install-Package NLogTarget.Splunk -Version 1.0.5
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="NLogTarget.Splunk" Version="1.0.5" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
paket add NLogTarget.Splunk --version 1.0.5                

                    
                

            
#r "nuget: NLogTarget.Splunk, 1.0.5"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
// Install NLogTarget.Splunk as a Cake Addin
#addin nuget:?package=NLogTarget.Splunk&version=1.0.5

// Install NLogTarget.Splunk as a Cake Tool
#tool nuget:?package=NLogTarget.Splunk&version=1.0.5

Tested with .NET Framework 4.7.2 and .NET Core 2.1 (in AWS .NET LAMBDA environment as well)

Supports sending log entries in async and sync mode with gzip compression enabled. In async mode, the entries are sent in batches.

Sample NLog.config

The required parameters are

Optional parameters are

  • ignoreSSLErrors - False by default. If True, ssl errors are ignored when posting to the HEC endpoint
  • timeout - # of milliseconds to wait before aborting a POST to HEC endpoint. Default is 30000 (30 seconds).

Keep in mind that the timestamp must be sent along with the log entries. The library will set the timestamp to the current time (DateTime.UtcNow) so ensure that the time across your servers is synchronized.

<?xml version="1.0" encoding="utf-8" ?>
<nlog xmlns="http://www.nlog-project.org/schemas/NLog.xsd"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.nlog-project.org/schemas/NLog.xsd NLog.xsd"
      autoReload="false"
      throwExceptions="false"
      internalLogLevel="Off" internalLogFile="C:\logs\nlog_internal.log">
  <extensions>
    <add assembly="NLogTarget.Splunk"/>
  </extensions>
  <targets async="true">
    <target xsi:type="Splunk" name="splunk" endpoint="https://sample.org/services/collector/event" authToken="***" index="sample_index" source="http:your_app">
      <layout xsi:type="JsonLayout" includeAllProperties="true">
        <attribute name="logger" layout="${logger}" />
        <attribute name="severity" layout="${level}" />
        <attribute name="callsite" layout="${callsite:includeSourcePath=false:className=false}" />
        <attribute name="message" layout="${message}" />
        <attribute name="error" layout="${exception:format=ToString}" />
      </layout>
    </target>
  </targets>
  <rules>
    <logger name="*" minlevel="Info" writeTo="Splunk" />
  </rules>
</nlog>

NLog_sample.config

Resolving AuthToken Programmatically

It is highly recommended that the AuthToken value is resolved from a secrets vault rather then NLog.config. To resolve the AuthToken programmatically:

  • Set the value of AuthToken to *resolve* in NLog.config
  • Add a handler to SplunkAuthTokenResolver.OnObtainAuthToken event early on in the program before any log entries are written. Target name from NLog.config will be passed in to the event handler. Keep in mind that _wrapped suffix will be added to the target name incase targets async is set to true in NLog.config
  • The handler must return the value of the auth token. It is guaranteed that the resolution will only happen once per program lifecycle. If the auth token cannot be resolved, no log entries will be written. Check the internal log for errors (see internalLogFile in NLog.config)

Sample AuthToken resolution code

class Program
{
	static readonly Logger logger = LogManager.GetCurrentClassLogger();

	static void Main(string[] args)
	{
		SplunkAuthTokenResolver.OnObtainAuthToken += SplunkAuthTokenResolver_OnObtainAuthToken;

		logger.Info("Testing 123");

		Console.Read();
	}

	static string SplunkAuthTokenResolver_OnObtainAuthToken(string targetName)
	{
		if(targetName == "splunk" || targetName == "splunk_wrapped")
		{
			// get auth token from secrets vault

			return "auth token value";
		}

		return null;
	}
}

- Enjoy Responsibly -

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.7 6,704 2/6/2019
1.0.6 668 11/25/2018
1.0.5 671 11/25/2018
1.0.4 636 11/25/2018
1.0.3 778 10/4/2018
1.0.2 749 10/3/2018
1.0.1 784 10/3/2018

v1.0.5 - Added cleanup routine to dispose of the http client and the handler
v1.0.4 - Switched to HttpClient. Added SourceLink support and unit test project
v1.0.3 - Added lazy resolution of AuthToken
v1.0.2 - Added an ability to programmatically resolve the AuthToken
v1.0.1 - Initial release