splunk

package
v0.25.0

This package is not in the latest version of its module.
Published: Apr 22, 2026 License: MIT Imports: 12 Imported by: 0

Documentation

Constants

const (
	SplunkBackendName = "splunk"
)

Variables

This section is empty.

Functions

func NewSplunk

func NewSplunk(c auditing.Config, sc SplunkConfig) (auditing.Auditing, error)

NewSplunk returns a new auditing backend for Splunk. It supports the HTTP Event Collector (HEC) interface.

Types

type SplunkConfig

type SplunkConfig struct {
	Endpoint   string
	HECToken   string
	SourceType string
	Index      string
	Host       string
	TlsConfig  *tls.Config
}

type SplunkEvent

type SplunkEvent struct {
	// Time is the event time. The default time format is UNIX time format.
	Time int64 `json:"time,omitempty"`
	// Host value to assign to the event data. This key is typically the hostname of the client from which you're sending data.
	Host string `json:"host,omitempty"`
	// Source value to assign to the event data. For example, if you're sending data from an app you're developing, set this key to the name of the app.
	Source string `json:"source,omitempty"`
	// Sourcetype value to assign to the event data.
	SourceType string `json:"sourcetype,omitempty"`
	// Index by which the event data is to be indexed.
	Index string `json:"index,omitempty"`
	// Event is the actual event data in whatever format you want: a string, a number, another JSON object, and so on.
	Event auditing.Entry `json:"event,omitempty"`
}
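
The HEC request that a backend like this one puts on the wire, as an added example that is not this package's code. The envelope reuses the JSON tags of SplunkEvent; `hecEvent`, `newHECRequest`, the URLs and the token are constructed for illustration, and the HTTPS-only check is an assumption about a sensible default, not documented behaviour of NewSplunk.

```go
package main

import (
	"bytes"
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
)

// hecEvent mirrors the JSON tags of SplunkEvent. Event is a plain map here
// because auditing.Entry is not shown on this page (assumption).
type hecEvent struct {
	Time       int64          `json:"time,omitempty"`
	Host       string         `json:"host,omitempty"`
	Source     string         `json:"source,omitempty"`
	SourceType string         `json:"sourcetype,omitempty"`
	Index      string         `json:"index,omitempty"`
	Event      map[string]any `json:"event,omitempty"`
}

// newHECRequest builds the POST an HEC client sends. The HEC token travels in
// the Authorization header, so plaintext endpoints are refused.
func newHECRequest(endpoint, token string, ev hecEvent) (*http.Request, error) {
	body, err := json.Marshal(ev)
	if err != nil {
		return nil, err
	}
	req, err := http.NewRequest(http.MethodPost, endpoint, bytes.NewReader(body))
	if err != nil {
		return nil, err
	}
	if req.URL.Scheme != "https" {
		return nil, errors.New("HEC endpoint must use https: token would be sent in clear text")
	}
	req.Header.Set("Authorization", "Splunk "+token) // HEC auth scheme
	req.Header.Set("Content-Type", "application/json")
	return req, nil
}

func main() {
	// Constructed sample event and endpoints.
	ev := hecEvent{Time: 1700000000, Host: "api-1", Index: "audit", Event: map[string]any{"user": "alice"}}
	for _, ep := range []string{"https://splunk.example:8088/services/collector/event", "http://splunk.example:8088/services/collector/event"} {
		req, err := newHECRequest(ep, "constructed-token", ev)
		fmt.Println(req != nil, err)
	}
}
```

When wiring a real client, pair this with a `*tls.Config` (the TlsConfig field above) that keeps certificate verification enabled.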
