0

I am using livetail-cli provided by sumologic.

I am trying send the livetail output to an http endpoint. But it shows connection time out error after some time.

The command which i am using is 

while IFS= read -r newline; do echo $newline |  curl -XPOST --data-binary $0 http://localhost:9090 -H Content-Type:application/json  ; done < <(./livetail _sourceCategory="x")

What is the best way to achieve this so that the connection persists?Although the sumologic api mentions about the session timeout after 30min of inactivity. But i am sure that the logs would be continuously coming from the source.

user2823667
  • 193
  • 2
  • 18
  • I'm sorry - I'm not sure I understand what you're doing. Sumo Logic's livetail-cli tool is to view a live tail of logs that are already coming into Sumo Logic. In order to stream logs into Sumo Logic, you just need a collector, or you need to post to an HTTP source directly. Could you clarify what you're trying to accomplish here? – the-nick-wilson Mar 14 '18 at 13:05
  • I want to send these live-tail logs to an HTTP source. Since live-tail is almost realtime, i want to go by this approach. Is there anything else in sumo-logic which is real-time . Main goal is to send these logs which are coming into sumologic to our HTTP source. I don't have control over the source from which sumologic is getting the logs . – user2823667 Mar 15 '18 at 08:37
  • Ah I see - Sorry, I thought you meant a Sumo Logic HTTP source. Let me answer below. – the-nick-wilson Mar 15 '18 at 16:42

1 Answers1

0

Sumo Logic's live tail/live tail CLI wasn't intended to stream logs to be forwarded on to other systems.

For this you should either forward it directly from the collector or forward it to an S3 bucket and set up a Lambda function to then forward it on to your other HTTP source.

the-nick-wilson
  • 566
  • 4
  • 18