HTTP target

NLog.Targets.HTTP

NLog.Targets.HTTP is a HTTP POST target for NLog. Combined with JSON formatter it can be used to send events to an instance of Splunk and other HTTP based collectors.

Getting started

Add the library as an extension to nlog:

<nlog xmlns="http://www.nlog-project.org/schemas/NLog.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
  <extensions>
    <add assembly="NLog.Targets.Http" />
  </extensions>
  <targets>
    ...

Available Configuration Parameters

Listed below are available configuration parameters with their default values

<target name='target name' 
        type='HTTP' 
        URL='protocol://server:port/path'
        Method='POST'
        Authorization='phrase token' 
        BatchSize='1'
        MaxQueueSize='2147483647'
        IgnoreSslErrors='true'
        FlushBeforeShutdown='true'
        ContentType='application/json'
        Accept='application/json'
        DefaultConnectionLimit='2'
        Expect100Continue='false'
        UseNagleAlgorithm='true'
        ConnectTimeout='30000' 
        InMemoryCompression='true'
        ProxyUrl=''
        ProxyUser=''
        ProxyPassword=''
    >

URL

The URL to send messages to (mandatory)

Method

HTTP method to use (GET,POST,PUT, etc.)

Authorization

The Authorization Header value to pass.

BatchSize

Number of messages to be sent together in one call separated by an empty new line

MaxQueueSize

Maximum number of messages awaiting to be send. Please note, that if this value is set, the logger might be blocking.

IgnoreSsslErrors

Some SSL certificates might be invalid or not-trusted.

FlushBeforeShutdown

Force all messages to be delivered before shutting down.

ContentType

HTTP ContentType Header value.

Accept

HTTP Accept Header value.

DefaultConnectionLimit

How many connections might be used at the same time. Changes ServicePointManager.DefaultConnectionLimit, which might affect other parts of your system.

Expect100Continue

See this article.

UseNagleAlgorithm

The Nagle algorithm is used to buffer small packets of data and transmit them as a single packet. This process, referred to as "nagling," is widely used because it reduces the number of packets transmitted and lowers the overhead per packet. The Nagle algorithm is fully described in IETF RFC 896.

ConnectTimeout

How long should the client wait to connect (default is 30 seconds).

InMemoryCompression

Reduces the amount of memory consumed at the expense of increased CPU usage.

ProxyUrl

Designates a proxy server to use. Must include protocol (http|https) and port

ProxyUser

If proxy authentication is needed, you can specify it with a domain prefix, i.e. DOMAIN\USER.

ProxyPassword

Password to use for proxy authentication.

Sample SPLUNK Configuration

<?xml version="1.0" encoding="utf-8" ?>
<nlog xmlns="http://www.nlog-project.org/schemas/NLog.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
  <targets>
    <target name='splunk' 
            type='HTTP' URL='server:port/services/collector'
            Authorization='Splunk auth-token' 
            BatchSize='100'>
      <layout type='JsonLayout'>
        <attribute name='sourcetype' layout='_json' />
        <attribute name='host' layout='${machinename}' />
        <attribute name='event' encode='false'>
          <layout type='JsonLayout'>
            <attribute name='level' layout='${level:upperCase=true}' />
            <attribute name='source' layout='${logger}' />
            <attribute name='thread' layout='${threadid}' />
            <attribute name='message' layout='${message}' />
            <attribute name='utc' layout='${date:universalTime=true:format=yyyy-MM-dd HH\:mm\:ss.fff}' />
          </layout>
        </attribute>
      </layout>
    </target>
  </targets>
  <rules>
    <logger name="*" minlevel="Debug" writeTo="splunk" />
  </rules>
</nlog>

- Troubleshooting Guide - See available NLog Targets and Layouts: https://nlog-project.org/config

Provide feedback

Saved searches

Use saved searches to filter your results more quickly