| Table of Contents |
|---|
| Info |
|---|
| The feature is available in FIXEdge version 6.7.0 and higher or in Fix Antenna C++ version 2.26 and higher. |
Features
Integration with Splunk supports the following features:
- Log messages forwarding to the Splunk
- Connection with Splunk is supported over TCP
- Splunk agent can be used
- Configurable timestamp
Interaction model
Interaction between FIX engine and Splunk/Splunk agent is maintained via Log4Cplus library:
| Info |
|---|
The described functionality was successfully tested with version 7.2.0 of Splunk |
Configuring
1
...
.
...
Configure Logging
To forward log messages to Splunk specify Log4Cplus for Log.Deviceproperty in FIXEdge.properties (for FIXEdge) or engine.properties (for FIXAntenna) file and configure log4cplus parameters as follows:
...
In this case logging will be performed with both creating standard log files and forwarding to Splunk (Log.Device = File Log4Cplus - see description of Log.Device parameter).
Also the example contains configuration of an extended log layout that includes severity, threadID and other additional fields (log4cplus.appender.Splunk.layout parameter).
| Info |
|---|
More information about log4cplus configuration can be found here Log4Cplus Usage |
...
2. Configure Splunk
- In Splunk Web interface configure inputs (From Splunk Home, select Settings → Add Data → Data inputs):
2. Add new input to TCP (From Data inputs, select TCP → Add new):
3. Select data source - choose listening port (the same port number should be set in FIXEdge.properties log4cplus.appender.Splunk.port parameter) and then click "Next":
4. Configure input settings - Select source type → Application → log4j and then click "Review":
5. Check out configuration and click "Submit":
6. Click "Start Searching":
7. After starting FIXEdge session you will see FIXEdge logging in Splunk:
