Splunk

Fastly will POST messages to your Splunk account in the format specified in the Splunk object.

Data model

formatstringA Fastly log format string.
format_versionintegerThe version of the custom logging format used for the configured endpoint. The logging call gets placed by default in vcl_log if format_version is set to 2 and in vcl_deliver if format_version is set to 1.
namestringThe name for the real-time logging configuration.
placementstringWhere in the generated VCL the logging call should be placed. If not set, endpoints with format_version of 2 are placed in vcl_log and those with format_version of 1 are placed in vcl_deliver.
request_max_bytesintegerThe maximum number of bytes sent in one request. Defaults 0 for unbounded.
request_max_entriesintegerThe maximum number of logs sent in one request. Defaults 0 for unbounded.
response_conditionstringThe name of an existing condition in the configured endpoint, or leave blank to always execute.
tls_ca_certstringA secure certificate to authenticate a server with. Must be in PEM format.
tls_client_certstringThe client certificate used to make authenticated requests. Must be in PEM format.
tls_client_keystringThe client private key used to make authenticated requests. Must be in PEM format.
tls_hostnamestringThe hostname to verify the server's certificate. This should be one of the Subject Alternative Name (SAN) fields for the certificate. Common Names (CN) are not supported.
tokenstringA Splunk token for use in posting logs over HTTP to your collector.
urlstringThe URL to post logs to.
use_tlsintegerWhether to use TLS.
created_atstringDate and time in ISO 8601 format.
deleted_atstringDate and time in ISO 8601 format.
service_idstringAlphanumeric string identifying the service.
updated_atstringDate and time in ISO 8601 format.
versionintegerInteger identifying a service version.

Endpoints

List Splunk log endpoints

GET/service/service_id/version/version_id/logging/splunk

Create a Splunk log endpoint

POST/service/service_id/version/version_id/logging/splunk

Get a Splunk log endpoint

GET/service/service_id/version/version_id/logging/splunk/logging_splunk_name

Update a Splunk log endpoint

PUT/service/service_id/version/version_id/logging/splunk/logging_splunk_name

Delete a Splunk log endpoint

DELETE/service/service_id/version/version_id/logging/splunk/logging_splunk_name