HTTP
Sends messages over HTTP. For details on the available options of the output, see the documentation of the AxoSyslog syslog-ng distribution.
Example
A simple example sending logs over HTTP to a fluentbit HTTP endpoint:
kind: SyslogNGOutput
apiVersion: logging.banzaicloud.io/v1beta1
metadata:
name: http
spec:
http:
#URL of the ingest endpoint
url: http://fluentbit-endpoint:8080/tag
method: POST
headers:
- "Content-type: application/json"
A more complex example to demonstrate sending logs to OpenObserve
kind: SyslogNGOutput
apiVersion: logging.banzaicloud.io/v1beta1
metadata:
name: openobserve
spec:
http:
#URL of the ingest endpoint
url: https://openobserve-endpoint/api/default/log-generator/_json
user: "username"
password:
valueFrom:
secretKeyRef:
name: openobserve
key: password
method: POST
# Parameters for sending logs in batches
batch-lines: 5000
batch-bytes: 4096
batch-timeout: 300
headers:
- "Connection: keep-alive"
# Disable TLS peer verification for demo
tls:
peer_verify: "no"
body-prefix: "["
body-suffix: "]"
delimiter: ","
body: "${MESSAGE}"
For details, see the documentation of the AxoSyslog syslog-ng distribution.
Configuration
(Batch, required)
Batching parameters
body (string, optional)
The body of the HTTP request, for example, body("${ISODATE} ${MESSAGE}")
. You can use strings, macros, and template functions in the body. If not set, it will contain the message received from the source by default.
body-prefix (string, optional)
The string syslog-ng OSE puts at the beginning of the body of the HTTP request, before the log message.
body-suffix (string, optional)
The string syslog-ng OSE puts to the end of the body of the HTTP request, after the log message.
delimiter (string, optional)
By default, syslog-ng OSE separates the log messages of the batch with a newline character.
disk_buffer (*DiskBuffer, optional)
This option enables putting outgoing messages into the disk buffer of the destination to avoid message loss in case of a system failure on the destination side. For details, see the Syslog-ng DiskBuffer options.
Default: false
headers ([]string, optional)
Custom HTTP headers to include in the request, for example, headers("HEADER1: header1", "HEADER2: header2")
.
Default: empty
log-fifo-size (int, optional)
The number of messages that the output queue can store.
method (string, optional)
Specifies the HTTP method to use when sending the message to the server. POST | PUT
password (secret.Secret, optional)
The password that syslog-ng OSE uses to authenticate on the server where it sends the messages.
persist_name (string, optional)
If you receive the following error message during syslog-ng startup, set the persist-name()
option of the duplicate drivers: Error checking the uniqueness of the persist names, please override it with persist-name option. Shutting down.
See the documentation of the AxoSyslog syslog-ng distribution for more information.
response-action (filter.RawArrowMap, optional)
Specifies what syslog-ng does with the log message, based on the response code received from the HTTP server. See the documentation of the AxoSyslog syslog-ng distribution for more information.
retries (int, optional)
The number of times syslog-ng OSE attempts to send a message to this destination. If syslog-ng OSE could not send a message, it will try again until the number of attempts reaches retries
, then drops the message.
time_reopen (int, optional)
The time to wait in seconds before a dead connection is reestablished.
Default: 60
timeout (int, optional)
Sets the maximum number of messages sent to the destination per second. Use this output-rate-limiting functionality only when using disk-buffer as well to avoid the risk of losing messages. Specifying 0 or a lower value sets the output limit to unlimited.
tls (*TLS, optional)
This option sets various options related to TLS encryption, for example, key/certificate files and trusted CA locations. TLS can be used only with tcp-based transport protocols. For details, see TLS for syslog-ng outputs and the documentation of the AxoSyslog syslog-ng distribution.
url (string, optional)
Specifies the hostname or IP address and optionally the port number of the web service that can receive log data via HTTP. Use a colon (:) after the address to specify the port number of the server. For example: http://127.0.0.1:8000
user (string, optional)
The username that syslog-ng OSE uses to authenticate on the server where it sends the messages.
user-agent (string, optional)
The value of the USER-AGENT header in the messages sent to the server.
workers (int, optional)
Specifies the number of worker threads (at least 1) that syslog-ng OSE uses to send messages to the server. Increasing the number of worker threads can drastically improve the performance of the destination.
Batch
batch-bytes (int, optional)
Description: Sets the maximum size of payload in a batch. If the size of the messages reaches this value, syslog-ng OSE sends the batch to the destination even if the number of messages is less than the value of the batch-lines()
option. Note that if the batch-timeout()
option is enabled and the queue becomes empty, syslog-ng OSE flushes the messages only if batch-timeout()
expires, or the batch reaches the limit set in batch-bytes()
.
batch-lines (int, optional)
Description: Specifies how many lines are flushed to a destination in one batch. The syslog-ng OSE application waits for this number of lines to accumulate and sends them off in a single batch. Increasing this number increases throughput as more messages are sent in a single batch, but also increases message latency. For example, if you set batch-lines()
to 100, syslog-ng OSE waits for 100 messages.
batch-timeout (int, optional)
Description: Specifies the time syslog-ng OSE waits for lines to accumulate in the output buffer. The syslog-ng OSE application sends batches to the destinations evenly. The timer starts when the first message arrives to the buffer, so if only few messages arrive, syslog-ng OSE sends messages to the destination at most once every batch-timeout()
milliseconds.