Splunk Integration With MuleSoft
In this blog, first we are going to see how to configure Mule Runtime with third-party software to analyse logs. The third-party tool we are going to discuss that is Splunk.
Logging is an essential part of monitoring and troubleshooting issues and any production errors or visualizing the data.
MuleSoft provides its logging mechanism for storing application logs. Although CloudHub has a limitation of 100 MB of logs or 30 days of logs.
Configure Splunk Token
After installing Splunk, run it. It will ask you to provide your credentials, as shown below.
Now, we need to create a token in Splunk.
1. Go to Settings > Data > Data Inputs
2. Now create a token using all the default values
3. Complete all the steps, and you will get the token value. The token value will be used to connect to Splunk from the log4j file in the MuleSoft application. Next Steps will involve configuring the HTTP Appender in the log4j file to connect to Splunk
4. Once you have created the token, make sure to enable the token by going to global settings. You can also enable SSL for this token and set the port. By the default the value is “8088”
5. Add the following snippet in the log4j2.xml in the mule application
<Http name="Splunk" url="http://host:port/services/collector/raw">
<Property name="Authorization" value="Splunk
{{Token-Value}}"></Property>
<PatternLayout
pattern="%m%n"></PatternLayout>
<!--<TrustStore location="<path to trustore>"
password="<truststore-password>"/> -->
</Http>
and add this reference in Async Root
<AppenderRef ref = "Splunk"/>
6. Add dependencies in pom.xml
1. Add the following dependencies in your pom.xml dependencies section for Splunk.
<dependency>
<groupId>com.splunk.logging</groupId>
<artifactId>splunk-library-javalogging</artifactId>
<version>1.7.1</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>2.10.0</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
<version>2.10.0</version>
</dependency>
2. Add following repository in the repositories tag of pom.xml
<repository>
<id>splunk-artifactory</id>
<name>Splunk Releases</name>
<url>https://splunk.jfrog.io/splunk/ext-releases-local</url>
</repository>
7. Once all the above configurations are done your application is ready to send logs to Splunk. Deploy your application and make a call to it .whatever logs you can see in console are also send to Splunk(logs are send depending upon your config in log4j).you can decide based on your requirement which logs you want to print in console and which you want to send to Splunk
8. Here is a snippet for the application that will be sending logs to Splunk
9. To check that, click on the “Search and Monitoring” option.
10. After that, click on “Data Summary” and click on “Source Types” and search for Log4j and select log4j.
11. On selecting that, you can see the logs being pushed to Splunk
Thank you for taking out time to read the above post. Hope you found it useful. In case of any questions, feel free to comment below. Also, if you are keen on knowing about a specific topic, happy to explore your recommendations as well.
Create Meaningful Experiences for employees
Our power of choice is untrammelled and when nothing prevents our able to do what we like best every pleasure is to be welcomed and occur that pleasures have to be repudiated.
