Splunk Logging

Log data can be automatically routed to Splunk. Support is enabled by including the following module in the overlay:

1
2
3
4
5

<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-logging-config-splunk</artifactId>
    <version>${cas.version}</version>
</dependency>

1

implementation "org.apereo.cas:cas-server-support-logging-config-splunk:${project.'cas.version'}"

1
2
3
4
5
6
7
8
9

dependencyManagement {
    imports {
        mavenBom "org.apereo.cas:cas-server-support-bom:${project.'cas.version'}"
    }
}

dependencies {
    implementation "org.apereo.cas:cas-server-support-logging-config-splunk"
}

1
2
3
4
5
6
7
8
9
10

dependencies {
    /*
    The following platform references should be included automatically and are listed here for reference only.
            
    implementation enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")
    implementation platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)
    */

    implementation "org.apereo.cas:cas-server-support-logging-config-splunk"
}

You may also need to declare the following repository in your CAS overlay to be able to resolve dependencies:

1
2
3
4
5
6

repositories {
    maven { 
        mavenContent { releasesOnly() }
        url "https://splunk.jfrog.io/splunk/ext-releases-local" 
    }
}

With the above module, you may then declare a specific appender to communicate with Splunk. Following is an example that assumes that you have Splunk Enterprise running locally (with an IP address of 127.0.0.1), with a TCP input configured on port 15000. TCP inputs do not have the same port number as the Splunk Enterprise management port.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

<Appenders>
   <Socket name="SocketAppender" host="127.0.0.1" port="15000">
      <PatternLayout pattern="%p: %m%n" charset="UTF-8"/>
   </Socket>
...
   <SplunkAppender name="SplunkAppender">
      <AppenderRef ref="SocketAppender" />
   </SplunkAppender>
</Appenders>
...
<Loggers>
   <Logger name="org.apereo" level="debug">
      <AppenderRef ref="SplunkAppender"/>
   </Logger>
</Loggers>

Of course, you will need to create a TCP input in Splunk Enterprise to which CAS will write logs.