Main | Contact | Blog | Documentation

PowerShell Framework

The project dedicated to empowering your PowerShell scripting.

Logging to: Splunk

Back to: Logging

Setting up logging

For logging to Splunk, you first need to create an http listener.

Once that has been taken care of, you can register the logging thus:

$paramSetPSFLoggingProvider = @{
    Name         = 'splunk'
    InstanceName = 'MyTask'
    Url          = 'https://servername:8088/services/collector'
    Token        = '<Token>'
    Enabled      = $true
}
Set-PSFLoggingProvider @paramSetPSFLoggingProvider

Splunk Cloud service

Logging to the cloud version of Splunk works exactly the same way - configure the listener, then register it with the hostname of your cloud instance: 'https://instance-hostname:8088/services/collector'

The SSL Thing

On default Splunk instances, you can - and probably should - use https, not the unencrypted http. However, default installations - including the cloud service - do not contain a trusted certificate. If you cannot make it trusted, you can have the logging provider ignore it thus:

$paramSetPSFLoggingProvider = @{
    Name         = 'splunk'
    InstanceName = 'MyTask'
    Url          = 'https://servername:8088/services/collector'
    Token        = '<Token>'
    IgnoreCert   = $true
    Enabled      = $true
}
Set-PSFLoggingProvider @paramSetPSFLoggingProvider

Generating Messages

You can write messages using the Write-PSFMessage cmdlet, which functionally replaces Write-Verbose, Write-Host, Write-Warning, Write-Debug or Write-Log:

# Verbose
Write-PSFMessage -Message "Test Message"

# Host
Write-PSFMessage -Level Host -Message "Message visible to the user"

# Debug
Write-PSFMessage -Level Debug -Message "Very well hidden message"

# Warning
Write-PSFMessage -Level Warning -Message "Warning Message"

You can also add tags for better filtering:

Write-PSFMessage -Message "Tagged Message" -Tag special, custom, whatever

Specify the target you are working against to better track actions relating to that specific target:

Write-PSFMessage -Message "Doing something" -Target $ComputerName

For more details on how to generate messages, see the dedicated documentation page

Logging Provider Documentation

For more detailed docs, see the full documentation for the splunk logging provider

Back to: Logging