#     Version 9.2.2.20240415
# log-utility.cfg
#
# For utility programs available through splunkd.
rootCategory=WARN,A1
[splunkd]
category.loader=INFO
category.ServerConfig=INFO
category.ulimit=INFO
category.RemoteFileSystemCLI=INFO
category.SecretStorage=INFO
category.SecretStorageCommandLine=INFO
# we're not sending stuff to the console anymore now that we're daemonized.
appender.rootAppender=ConsoleAppender
appender.rootAppender.layout=PatternLayout
appender.rootAppender.layout.ConversionPattern=%d{%m-%d-%Y %H:%M:%S.%l %z} %-5p %c - %m%n
# If these log files are getting too big for your liking, turn down the maxFileSize.
# Best not make them too small, however, because can be useful in troubleshooting.
appender.A1=RollingFileAppender
appender.A1.fileName=${SPLUNK_HOME}/var/log/splunk/splunkd-utility.log
appender.A1.maxFileSize=5000000 # default: 5MB (specified in bytes).
appender.A1.maxBackupIndex=5
appender.A1.layout=PatternLayout
# The timstamp patterns used for the Splunkd logs should be kept in synchronization with:
# - etc/system/default/props.conf [splunkd] TIME_FORMAT
# - src/framework/SplunkdTimestamp.cpp
appender.A1.layout.ConversionPattern=%d{%m-%d-%Y %H:%M:%S.%l %z} %-5p %c - %m%n
category.BucketMergerCmd=INFO
category.BucketMerger=INFO
category.AuditLogger=INFO