Configuring Splunk for Django¶
Configuring Django¶
Django needs to be setup to log files in a particular way for Splunk to read in a way that they can be parsed. To do so, set a formatter to output the time and severity to the logs messages using a formatter of "%(asctime)s [%(levelname)s] %(name)s: %(message)s".
Below is a logging configuration that can be used with the app, add it to your settings file:
LOGGING = { 'version': 1, 'disable_existing_loggers': False, 'formatters': { 'standard': { 'format': '%(asctime)s [%(levelname)s] %(name)s: %(message)s' #You may need to specify the timezone here. For example: %(asctime)s CST [%(levelname)s] %(name)s: %(message)s }, }, 'filters': { 'require_debug_false': { '()': 'django.utils.log.RequireDebugFalse' } }, 'handlers': { 'null': { 'level':'DEBUG', 'class':'django.utils.log.NullHandler', }, 'console':{ 'level':'DEBUG', 'class':'logging.StreamHandler' }, 'default': { 'level':'DEBUG', 'class':'logging.handlers.RotatingFileHandler', 'filename': '../var/log/app.log', # Make sure that this path exists, change as necessary 'maxBytes': 1024*1024*5, # 5 MB 'backupCount': 5, 'formatter':'standard', } }, 'loggers': { 'django.db': { 'handlers': ['default'], 'level': 'DEBUG', # Set this to ERROR on production hosts since the database logs are very verbose 'propagate': False, }, '': { 'handlers': ['default'], 'level': 'DEBUG', 'propagate': True, }, 'django.request': { 'handlers': ['default'], 'level': 'DEBUG', # Set this to ERROR on production hosts if you want to avoid lots of warnings for 404 file-not-found notices 'propagate': False, }, } }
Configuring Splunk¶
Setup Splunk to monitor the logs files from your Django installation. Make sure to set the sourcetype to "django". See docs.splunk.com for details on how to monitor files with Splunk.