Add JSON serialization option for Splunk HEC exporter #27244
Labels
Comments
stephenhong
added
enhancement
|
Pinging code owners for exporter/splunkhec: @atoulme @dmitryax. See Adding Labels via Comments if you do not have permissions to add labels yourself. |
|
You can see how we map pdata to HEC here: https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/exporter/splunkhecexporter/logdata_to_splunk.go#L26 The HEC exporter maps the severity fields to the document, but they might not show unless you expand the record. I suggest you work with Splunk Support and follow up with a support case to discuss this further. |
|
Ah I see. Thank you @atoulme |
This was referenced Oct 3, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Component(s)
Splunk HEC exporter
Is your feature request related to a problem? Please describe.
When using the Splunk HEC exporter, my app logs are shown like this but if I send my app logs in OTLP JSON format, they look like this. I want to see my app logs in OTLP JSON format so that I can get information such as severity text & number, the resource attributes, span id & trace id, etc.
Describe the solution you'd like
Add a JSON serialization option to transform data from OTLP format to OTLP JSON format
Describe alternatives you've considered
I was informed that Splunk doesn't support receiving logs in OTLP. If JSON serialization isn't viable, then perhaps supporting OTLP logs could be an alternative, so that you can see certain attributes like severity text & number and span id & trace id as its own field, instead of just host, source, and sourcetype.
Additional context
No response
The text was updated successfully, but these errors were encountered: