Send Logs to Logmunch

For all of these examples, let's imagine that you are running your Logmunch server at http://example.com:8888, and that you've set your LOGMUNCH_WRITE_TOKEN to aaaabbbbccccddddeeee

The Splunk HEC

Logmunch supports the Splunk "HTTP Event Collector" format, so any of Splunk's open-source log collection tools should just immediately work with Logmunch.

Which is good, do I look like I want to write a bunch of log collectors?

From Docker

Directly from the Command Line

Let's imagine that you're running the application-that-generates-a-bunch-of-logs container.

Here are the necessary arguments to point an arbitrary docker container's logs at your logmunch server:

	docker run -d \
		--log-driver=splunk \
		--log-opt splunk-token=aaaabbbbccccddddeeee \
		--log-opt splunk-url=http://example.com:8888 \
		--log-opt splunk-format=raw \
        application-that-generates-a-bunch-of-logs

For The Entire Docker Instance

In /etc/docker/daemon.json:

{
  "log-driver": "splunk",
  "log-opts": {
    "splunk-token": "aaaabbbbccccddddeeee",
    "splunk-url": "http://example.com:8888"
  }
}

From node.js

Use this: https://github.com/splunk/splunk-javascript-logging .

Directly from Syslog:

I'm going to level with you: I haven't 100% worked out how to do this, yet.

Surely I can use this tool, somehow, but it's ... it's much too complicated and fussy. I'm going to find a better solution for this, at some point.

From Kubernetes

idk man, ¯\_(ツ)_/¯