whether to activate dev services or not

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_DEVSERVICES_ENABLED

Override the docker image used for the Splunk dev service

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_DEVSERVICES_IMAGE_NAME

Whether the instance of splunk can be shared between runs in DEV mode.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_DEVSERVICES_SHARED

Determine whether to enable the handler

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_ENABLED

The splunk handler log level. By default, it is no more strict than the root handler level.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_LEVEL

Splunk HEC endpoint base url.

With raw events, the endpoint targeted is /services/collector/raw. With flat or nested JSON events, the endpoint targeted is /services/collector/event/1.0.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_URL

Disable TLS certificate validation with HEC endpoint

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_DISABLE_CERTIFICATE_VALIDATION

The application token to authenticate with HEC, the token is mandatory if the extension is enabled https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#HEC_token

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_TOKEN

The strategy to send events to HEC.

In sequential mode, there is only one HTTP connection to HEC and the order of events is preserved, but performance is lower. In parallel mode, event batches are sent asynchronously over multiple HTTP connections, and events with the same timestamp (that has 1 millisecond resolution) may be indexed out of order by Splunk.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_SEND_MODE

A GUID to identify an HEC client and guarantee isolation at HEC level in case of slow clients. https://docs.splunk.com/Documentation/Splunk/latest/Data/AboutHECIDXAck#About_channels_and_sending_data

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_CHANNEL

Batching delay before sending a group of events. If 0, the events are sent immediately.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_BATCH_INTERVAL

Maximum number of events in a batch. By default 10, if 0 no batching.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_BATCH_SIZE_COUNT

Maximum total size in bytes of events in a batch. By default 10KB, if 0 no batching.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_BATCH_SIZE_BYTES

Maximum number of retries in case of I/O exceptions with HEC connection.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_MAX_RETRIES

A middleware to customize the behavior of sending events to Splunk.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_MIDDLEWARE

The log format, defining which metadata are inlined inside the log main payload.

Specific metadata (hostname, category, thread name, …​), as well as MDC key/value map, can also be sent in a structured way.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_FORMAT

Whether to send the thrown exception message as a structured metadata of the log event (as opposed to %e in a formatted message, it does not include the exception name or stacktrace). Only applicable to 'nested' serialization.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_INCLUDE_EXCEPTION

Whether to send the logger name as a structured metadata of the log event (equivalent of %c in a formatted message). Only applicable to 'nested' serialization.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_INCLUDE_LOGGER_NAME

Whether to send the thread name as a structured metadata of the log event (equivalent of %t in a formatted message). Only applicable to 'nested' serialization.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_INCLUDE_THREAD_NAME

Overrides the host name metadata value.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_METADATA_HOST

The source value to assign to the event data. For example, if you’re sending data from an app you’re developing, you could set this key to the name of the app. https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#Event_metadata

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_METADATA_SOURCE

The optional format of the events, to enable some parsing on Splunk side. https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#Event_metadata

A given source type may have indexed fields extraction enabled, which is the case of the built-in _json used for nested serialization.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_METADATA_SOURCE_TYPE

The optional name of the index by which the event data is to be stored. If set, it must be within the list of allowed indexes of the token (if it has the indexes parameter set). https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#Event_metadata

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_METADATA_INDEX

The name of the key used to convey the severity / log level in the metadata fields. Only applicable to 'flat' serialization. With 'nested' serialization, there is already a 'severity' field.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_METADATA_SEVERITY_FIELD_NAME

The format of the payload.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_SERIALIZATION

The name of the named filter to link to the splunk handler.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_FILTER

Indicates whether to log asynchronously

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_ASYNC

The queue length to use before flushing writing

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_ASYNC_QUEUE_LENGTH

Determine whether to block the publisher (rather than drop the message) when the queue is full

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_ASYNC_OVERFLOW

The API URL the splunk dev service listens on.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_DEVSERVICES_API_URL

Additional environment variables to inject.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_DEVSERVICES_CONTAINER_ENV

Map that allows to tell to plug the following named handlers to the dev service

It is necessary as we do not have access to runtime configuration when starting the Splunk container.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_DEVSERVICES_PLUG_NAMED_HANDLERS

Optional static key/value pairs to populate the "fields" key of event metadata. This isn’t applicable to raw serialization. https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#Event_metadata

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_METADATA_FIELDS

Determine whether to enable the handler

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__ENABLED

The splunk handler log level. By default, it is no more strict than the root handler level.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__LEVEL

Splunk HEC endpoint base url.

With raw events, the endpoint targeted is /services/collector/raw. With flat or nested JSON events, the endpoint targeted is /services/collector/event/1.0.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__URL

Disable TLS certificate validation with HEC endpoint

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__DISABLE_CERTIFICATE_VALIDATION

The application token to authenticate with HEC, the token is mandatory if the extension is enabled https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#HEC_token

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__TOKEN

The strategy to send events to HEC.

In sequential mode, there is only one HTTP connection to HEC and the order of events is preserved, but performance is lower. In parallel mode, event batches are sent asynchronously over multiple HTTP connections, and events with the same timestamp (that has 1 millisecond resolution) may be indexed out of order by Splunk.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__SEND_MODE

A GUID to identify an HEC client and guarantee isolation at HEC level in case of slow clients. https://docs.splunk.com/Documentation/Splunk/latest/Data/AboutHECIDXAck#About_channels_and_sending_data

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__CHANNEL

Batching delay before sending a group of events. If 0, the events are sent immediately.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__BATCH_INTERVAL

Maximum number of events in a batch. By default 10, if 0 no batching.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__BATCH_SIZE_COUNT

Maximum total size in bytes of events in a batch. By default 10KB, if 0 no batching.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__BATCH_SIZE_BYTES

Maximum number of retries in case of I/O exceptions with HEC connection.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__MAX_RETRIES

A middleware to customize the behavior of sending events to Splunk.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__MIDDLEWARE

The log format, defining which metadata are inlined inside the log main payload.

Specific metadata (hostname, category, thread name, …​), as well as MDC key/value map, can also be sent in a structured way.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__FORMAT

Whether to send the thrown exception message as a structured metadata of the log event (as opposed to %e in a formatted message, it does not include the exception name or stacktrace). Only applicable to 'nested' serialization.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__INCLUDE_EXCEPTION

Whether to send the logger name as a structured metadata of the log event (equivalent of %c in a formatted message). Only applicable to 'nested' serialization.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__INCLUDE_LOGGER_NAME

Whether to send the thread name as a structured metadata of the log event (equivalent of %t in a formatted message). Only applicable to 'nested' serialization.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__INCLUDE_THREAD_NAME

Overrides the host name metadata value.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__METADATA_HOST

The source value to assign to the event data. For example, if you’re sending data from an app you’re developing, you could set this key to the name of the app. https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#Event_metadata

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__METADATA_SOURCE

The optional format of the events, to enable some parsing on Splunk side. https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#Event_metadata

A given source type may have indexed fields extraction enabled, which is the case of the built-in _json used for nested serialization.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__METADATA_SOURCE_TYPE

The optional name of the index by which the event data is to be stored. If set, it must be within the list of allowed indexes of the token (if it has the indexes parameter set). https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#Event_metadata

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__METADATA_INDEX

Optional static key/value pairs to populate the "fields" key of event metadata. This isn’t applicable to raw serialization. https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector#Event_metadata

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__METADATA_FIELDS

The name of the key used to convey the severity / log level in the metadata fields. Only applicable to 'flat' serialization. With 'nested' serialization, there is already a 'severity' field.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__METADATA_SEVERITY_FIELD_NAME

The format of the payload.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__SERIALIZATION

The name of the named filter to link to the splunk handler.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__FILTER

Indicates whether to log asynchronously

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__ASYNC

The queue length to use before flushing writing

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__ASYNC_QUEUE_LENGTH

Determine whether to block the publisher (rather than drop the message) when the queue is full

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK__NAMED_HANDLERS__ASYNC_OVERFLOW

Sets the default connect timeout for new connections in milliseconds.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_CONNECTTIMEOUT

Sets the default timeout for complete calls in milliseconds.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_CALLTIMEOUT

Sets the default read timeout for new connections in milliseconds.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_READTIMEOUT

Sets the default write timeout for new connections in milliseconds.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_WRITETIMEOUT

Sets the default termination timeout during a flush in milliseconds.

Environment variable: QUARKUS_LOG_HANDLER_SPLUNK_TERMINATIONTIMEOUT