时间戳

首页 > 解决方案 > 如何在 NodeJS 中使用 Splunk-Logging

node.js - 如何在 NodeJS 中使用 Splunk-Logging

问题描述


我想用 NodeJS 为 AWS Lambda 编写 Lambda 应用程序。
我安装前向依赖项。
- 无服务器
- 无服务器离线 --save-dev
- splunk-logging --save
- aws-sam-local

我还在本地计算机上安装了 Splubk-Enterprise Light Version。
我的问题是,nodejs 正在运行,splunk 正在运行,lamda 功能运行良好。当我尝试登录 slunk locall 时出现错误。

const SplunkLogger = require('splunk-logging').Logger;
const serverConfig = require('./server_config');
const loggerConfig = {
//url: process.env.SPLUNK_HEC_URL,
//token: process.env.SPLUNK_HEC_TOKEN,
//url: "http://localhost:8088",
url: "http://127.0.0.1:8089",
token: serverConfig.token,
batchInterval: 1000,
maxBatchCount: 10, // Manually flush events
maxRetries: 3,    // Retry 3 times
maxBatchSize: 1024 // 1 Kb
};
const logger = new SplunkLogger(loggerConfig);
module.exports.f_data = async (event, context, callback) => {
    let body = JSON.parse(event.body);
    console.log("Body ->:", body);
    console.log(body.processingTime);
let count = 0;
let arrayOCode = ["fpd", "kka", "lma", "traw"];
let data = {};
if( arrayOCode.includes(body.progressID) ) {
    console.log("Request Data:", JSON.stringify(body, null, 2));
    console.log("Body clusterCode:", body.clusterCode);
    data.progressID = body.progressID;
    data.fNumber = body.fNumber;
    data.fPrevious = body.fPrevious;
    data.stateCode = body.stateCode;
    data.processingTime = body.processingTime;
    let cluster = {};
    cluster.clusterCode = body.clusterCode;
    data.cluster = cluster;
    let ta = {};
    ta.aa = body.aa;
    ta.bdt = body.bdt;
    ta.bwl = body.bwl;
    ta.cu = body.cu;
    ta.est = body.est;
    data.ta = ta;
    let wb = {};
    wb.bma = body.bma;
    wb.bk = body.bk;
    wb.bt = body.bt;
    wb.cbm = body.cbm;
    data.wb = wb;
}
let payload = {
    message: data,
    metadata: {
    host: 'serverless',
    source: serverConfig.source,
    sourcetype: serverConfig.sourcetype,
    index: serverConfig.spunk_md_index,
    time: body.processingTime
},
severity: "info"
};
console.log("Payload Information_____", JSON.stringify(payload, null, 2));
logger.send(payload);
console.log("_____Data_____", JSON.stringify(data, null, 2));
// Send all the events in a single batch to Splunk
logger.flush((err, resp, body) => {
if(err || (body && body.code !== 0)) {
} else {
// If succeeded body will be { text: 'Success', code: 0 }
console.log("Response from Splunk", body);
console.log(`Successfully processed: ${count} record(s).`);
callback(null, count);
}
});
};

const configureLogger = (context, callback) => {
    // Override SplunkLogger default formatter
    loggerConfig.eventFormatter = (event) => {
    if(typeof event == 'object' && !Object.hasOwnProperty.call(event: 'awsRequestId')) {
        event.awsRequestId = context.awsRequestId;
    }
    return event;
};
// Set common error handler for logger.send() and logger.flush()
logger.error = (error, payload) => {
    console.log('error', error, 'context', payload);
    callback(error);
};
};

const checkIfObjectKeytyExists = (obj, name) => {
    if(obj.hasOwnProperty(name)) {
        return true;
    }
    return false;
};

const isEmpty = (obj) => {
    if(Object.entries(obj).length === 0 && obj.constructor === Object) {
        return true;
    }
    return false;
};

module.exports.logger = (event, context, callback) => {
    // print out the event information on the console (so that we can see it in the CloudWatch logs)
    console.log(`The following happend in the DynamoDB database table "users":\n${JSON.stringify(event.Records[0].dynamodb, null, 2)}`);
    callback(null, { event });
};

server_config.json

{
    "token": <myToken>,
    "url": "http://localhost:8088/services/collector",
    "spunk_index_1": <myIndex1>,
    "source": "f_data",
    "sourcetype": "httpevent",
}

当我使用端口 8065 时,我收到一个错误
ERROR: { Error: Unexpected response from Splunk. 请求正文是:此资源可在以下位置找到http://127.0.0.1:8065/en-US/services/collector/event/1.0
在 Request._callback (D:\Entwicklung\nodejs-projects\DB_CARGO_IOT\node_modules\splunk-logging\splunklogger.js:478:35)
在 Request.self.callback (D:\Entwicklung\nodejs-projects\DB_CARGO_IOT\node_modules\ request\request.js:185:22)
在 Request.emit (events.js:189:13)
在 Request.EventEmitter.emit (domain.js:441:20)
在 Request. (D:\Entwicklung\nodejs-projects\DB_CARGO_IOT\node_modules\request\request.js:1161:10)
在 Request.emit (events.js:189:13)
在 Request.EventEmitter.emit (domain.js:441: 20)
在传入消息处。(D:\Entwicklung\nodejs-projects\DB_CARGO_IOT\node_modules\request\request.js:1083:12)
在 Object.onceWrapper (events.js:277:13)
在 IncomingMessage.emit (events.js:194:15)
在 IncomingMessage.EventEmitter.emit (domain.js:441:20)
在 endReadableNT (_stream_readable.js:1125: 12)
在 process._tickCallback (internal/process/next_tick.js:63:19) 代码:-1 } CONTEXT { 消息:'',严重性:'信息',元数据:{} }

有谁知道,为什么我不能向 Splunk 发送任何日志?

已编辑
如果我使用端口 8088,则会收到此错误:
错误:{错误:
在 TCPConnectWrap.afterConnect [as oncomplete] (net.js:1097:14) 处连接 ECONNREFUSED 127.0.0.1:8088 (net.js:1097:14)
errno: 'ECONNREFUSED',
代码: 'ECONNREFUSED',
系统调用:'connect',
地址:'127.0.0.1',
端口:8088 }

谢谢

标签: node.jslambdasplunkserverless

解决方案

推荐阅读