Splunk
This snippet can be used by copy-pasting to the neqto.js script.
| neqto: Bridge | SPRESENSE |
|---|---|
| v00.00.30+ | v01.00.00+ |
This snippet provides a function to send IoT data to a Splunk Enterprise Server.
Details
The send_splunk function can be used to POST the passed JSON object 'payload' to Splunk server via HEC (HTTP Event Collector) over HTTPS. The result (error/response) is then passed to the callback function.
To start using this snippet, HOST (of the Splunk server), TOKEN (from the HEC instance), and CA (used by the HEC server) are required to be configured by the user.
NOTE: The provided function only allows payloads up to size of 4KB. For bigger sized payloads, please refer to the sample for divided writing in neqto.js docs for neqto: Bridge and Sony Spresense.
//=================================================================
// SPLUNK SNIPPET
//=================================================================
//=================================================================
// The following configuration are MANDATORY. Set by user.
//=================================================================
// The address of the Splunk Enterprise server instance. eg. example.com or 192.168.0.1
var HOST = '<YOUR_HOST>';
// A Splunk token to authenticate HEC requests, "Splunk xxxxxxxx"
var TOKEN = '<YOUR_TOKEN>';
// Public certificate of the certificate authority that signed the Splunk server certificate for SSL/TLS handshake.
// eg. '-----BEGIN CERTIFICATE-----\n...<CA>...\n-----END CERTIFICATE-----'
var CA = '<YOUR_CA>';
//=================================================================
/**
* Post data to Splunk server using HEC (HTTP Event Collector).
* https://docs.splunk.com/Documentation/Splunk/latest/Data/UsetheHTTPEventCollector
* @function send_splunk
* @param {string} payload - The data to be sent to Splunk server, as an Object.
* @param {function} callback - User callback to return the result (error/response).
* @returns {undefined}
*/
var send_splunk = function (payload, callback) {
var body = JSON.stringify(payload);
var options = {
"method": 'POST',
"host": HOST,
"port": 8088,
"path": '/services/collector',
"headers": {
'Authorization': TOKEN,
'Content-Type': 'application/json',
"Content-Length": body.length.toString()
},
"ca": CA
};
var request = https.request(options, function (res) {
res.on('end', function () {
callback(null, { "statusCode": res.statusCode, "statusMessage": res.statusMessage, "body": res.read() });
});
});
request.on('error', function () {
callback({ "errCode": request.errCode }, null);
});
request.end(body, function () {
print('[request] SUCCESS');
});
}
Object Usage Example
/*
<INSERT ABOVE SNIPPET HERE WITH SET CONFIGURATIONS>
*/
//=================================================================
log.setLevel(-1); //-1:NONE 0:ERROR 1:WARNING 2:DEBUG 3:TRACE
log.printLevel(2); //0:DISABLE 1:LOG 2:CONSOLE 3:BOTH
//=================================================================
// MAIN SCENARIO
//=================================================================
/**
* Callback to fetch error/response from the request
* @function callback
* @param {object} err - Error returned in case of a failed request. Has one property - `errCode`.
* @param {object} data - Response returned by a successfully completed request. Has three properties - `statusCode` and `statusMessage` and `body`.
*/
var callback = function (err, data) {
if (err) {
print("[error]", err.errCode);
} else {
print("[status]", data.statusCode, data.statusMessage);
print("[response]", data.body);
}
};
var payload = {
"event": "Hello from neqto: Device"
};
send_splunk(payload, callback);
Updated: 2020/07/21