The project is in a healthy, maintained state
This output plugin sends fluentd records to the configured LogicMonitor account.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Runtime

 Project Readme

Gem Version

lm-logs-fluentd

This output plugin sends Fluentd records to the configured LogicMonitor account.

Prerequisites

Install the plugin:

  • With gem (if td-agent/fluentd is installed along with native ruby): gem install fluent-plugin-lm-logs
  • For native td-agent/fluentd plugin handling: td-agent-gem install fluent-plugin-lm-logs

Alternatively, you can add out_lm.rb to your Fluentd plugins directory.

Configure the output plugin

Create a custom fluent.conf or edit the existing one to specify which logs should be forwarded to LogicMonitor.

# Match events tagged with "lm.**" and
# send them to LogicMonitor
<match lm.**>
    @type lm
    resource_mapping {"<event_key>": "<lm_property>"}
    company_name <lm_company_name>
    company_domain <lm_company_domain>
	access_id <lm_access_id>
    access_key <lm_access_key>
      <buffer>
        @type memory
        flush_interval 1s
        chunk_limit_size 5m
      </buffer> 
    debug false
</match>

Request example

Sending:

curl -X POST -d 'json={"message":"hello LogicMonitor from fluentd", "event_key":"lm_property_value"}' http://localhost:8888/lm.test

Produces this event:

{
    "message": "hello LogicMonitor from fluentd"
}

Note: Make sure that logs have a message field. Requests sent without a message will not be accepted.

Kubernetes

The Kubernetes configuration for LM Logs is deployed as a Helm chart. See the LogicMonitor Helm repository.

Resource mapping examples

  • {"message":"Hey!!", "event_key":"lm_property_value"} with mapping {"event_key": "lm_property"}
  • {"message":"Hey!!", "a":{"b":{"c":"lm_property_value"}} } with mapping {"a.b.c": "lm_property"}
  • {"message":"Hey!!", "_lm.resourceId": { "lm_property_name" : "lm_property_value" } } this will override resource mapping.

LogicMonitor properties

Property Description
company_name LogicMonitor account name.
company_domain LogicMonitor account domain. For eg. for url test.logicmonitor.com, company_domain is logicmonitor.com . Default is logicmonitor.com.
resource_mapping The mapping that defines the source of the log event to the LM resource. In this case, the <event_key> in the incoming event is mapped to the value of <lm_property>.
access_id LM API Token access ID.
access_key LM API Token access key.
bearer_token LM API Bearer Token. Either specify access_id and access_key both or bearer_token. If all specified, LMv1 token(access_id and access_key) will be used for authentication with Logicmonitor.
flush_interval Defines the time in seconds to wait before sending batches of logs to LogicMonitor. Default is 60s.
debug When true, logs more information to the fluentd console.
force_encoding Specify charset when logs contains invalid utf-8 characters.
include_metadata When true, appends additional metadata to the log. default false.
device_less_logs When true, do not map log with any resource. record must have service when true. default false.
http_proxy http proxy string eg. http://user:pass@proxy.server:port. Default nil