SplunkLogDriverProps

class aws_cdk.aws_ecs.SplunkLogDriverProps(*, env=None, env_regex=None, labels=None, tag=None, secret_token, url, ca_name=None, ca_path=None, format=None, gzip=None, gzip_level=None, index=None, insecure_skip_verify=None, source=None, source_type=None, verify_connection=None)

Bases: BaseLogDriverProps

Specifies the splunk log driver configuration options.

Source

Parameters:

  • env (Optional[Sequence[str]]) – The env option takes an array of keys. If there is collision between label and env keys, the value of the env takes precedence. Adds additional fields to the extra attributes of a logging message. Default: - No env

  • env_regex (Optional[str]) – The env-regex option is similar to and compatible with env. Its value is a regular expression to match logging-related environment variables. It is used for advanced log tag options. Default: - No envRegex

  • labels (Optional[Sequence[str]]) – The labels option takes an array of keys. If there is collision between label and env keys, the value of the env takes precedence. Adds additional fields to the extra attributes of a logging message. Default: - No labels

  • tag (Optional[str]) – By default, Docker uses the first 12 characters of the container ID to tag log messages. Refer to the log tag option documentation for customizing the log tag format. Default: - The first 12 characters of the container ID

  • secret_token (Secret) – Splunk HTTP Event Collector token (Secret). The splunk-token is added to the SecretOptions property of the Log Driver Configuration. So the secret value will not be resolved or viewable as plain text.

  • url (str) – Path to your Splunk Enterprise, self-service Splunk Cloud instance, or Splunk Cloud managed cluster (including port and scheme used by HTTP Event Collector) in one of the following formats: https://your_splunk_instance:8088 or https://input-prd-p-XXXXXXX.cloud.splunk.com:8088 or https://http-inputs-XXXXXXXX.splunkcloud.com.

  • ca_name (Optional[str]) – Name to use for validating server certificate. Default: - The hostname of the splunk-url

  • ca_path (Optional[str]) – Path to root certificate. Default: - caPath not set.

  • format (Optional[SplunkLogFormat]) – Message format. Can be inline, json or raw. Default: - inline

  • gzip (Optional[bool]) – Enable/disable gzip compression to send events to Splunk Enterprise or Splunk Cloud instance. Default: - false

  • gzip_level (Union[int, float, None]) – Set compression level for gzip. Valid values are -1 (default), 0 (no compression), 1 (best speed) … 9 (best compression). Default: - -1 (Default Compression)

  • index (Optional[str]) – Event index. Default: - index not set.

  • insecure_skip_verify (Optional[str]) – Ignore server certificate validation. Default: - insecureSkipVerify not set.

  • source (Optional[str]) – Event source. Default: - source not set.

  • source_type (Optional[str]) – Event source type. Default: - sourceType not set.

  • verify_connection (Optional[bool]) – Verify on start, that docker can connect to Splunk server. Default: - true

ExampleMetadata:

infused

Example:

# secret: ecs.Secret


# Create a Task Definition for the container to start
task_definition = ecs.Ec2TaskDefinition(self, "TaskDef")
task_definition.add_container("TheContainer",
    image=ecs.ContainerImage.from_registry("example-image"),
    memory_limit_mi_b=256,
    logging=ecs.LogDrivers.splunk(
        secret_token=secret,
        url="my-splunk-url"
    )
)

Attributes

ca_name

Name to use for validating server certificate.

Default:

  • The hostname of the splunk-url

ca_path

Path to root certificate.

Default:

  • caPath not set.

env

The env option takes an array of keys.

If there is collision between label and env keys, the value of the env takes precedence. Adds additional fields to the extra attributes of a logging message.

Default:

  • No env

env_regex

The env-regex option is similar to and compatible with env.

Its value is a regular expression to match logging-related environment variables. It is used for advanced log tag options.

Default:

  • No envRegex

format

Message format.

Can be inline, json or raw.

Default:

  • inline

gzip

Enable/disable gzip compression to send events to Splunk Enterprise or Splunk Cloud instance.

Default:

  • false

gzip_level

Set compression level for gzip.

Valid values are -1 (default), 0 (no compression), 1 (best speed) … 9 (best compression).

Default:

  • -1 (Default Compression)

index

Event index.

Default:

  • index not set.

insecure_skip_verify

Ignore server certificate validation.

Default:

  • insecureSkipVerify not set.

labels

The labels option takes an array of keys.

If there is collision between label and env keys, the value of the env takes precedence. Adds additional fields to the extra attributes of a logging message.

Default:

  • No labels

secret_token

Splunk HTTP Event Collector token (Secret).

The splunk-token is added to the SecretOptions property of the Log Driver Configuration. So the secret value will not be resolved or viewable as plain text.

source

Event source.

Default:

  • source not set.

source_type

Event source type.

Default:

  • sourceType not set.

tag

By default, Docker uses the first 12 characters of the container ID to tag log messages.

Refer to the log tag option documentation for customizing the log tag format.

Default:

  • The first 12 characters of the container ID

url

//your_splunk_instance:8088 or https://input-prd-p-XXXXXXX.cloud.splunk.com:8088 or https://http-inputs-XXXXXXXX.splunkcloud.com.

Type:

Path to your Splunk Enterprise, self-service Splunk Cloud instance, or Splunk Cloud managed cluster (including port and scheme used by HTTP Event Collector) in one of the following formats

Type:

https

verify_connection

Verify on start, that docker can connect to Splunk server.

Default:

  • true