Splunk Connection

See the Connector Marketplace topic. Please request your administrator to start a trial or subscribe to the Premium Splunk connector.

This topic describes how to authenticate to Splunk and configure any necessary connection properties in the Splunk connection connector.

Connection Configuration

Each connection property available in the Splunk connector is explained below.


Connection Name

The name of the connection to be created should be provided. This is the name that will display on the list of available connections.


Auth Scheme

The type of authentication to use when connecting to Splunk.

Possible Values

  • Basic: Set to this to perform a basic authentication.

  • Access Token: Set this to perform Token Based Authentication via the AccessToken property.


URL

The URL to your Splunk endpoint.

Example: https://yoursitename.splunk.com:8089.

The port should be set to the Splunk management port (default 8089).


Access Token

The Access Token used for accessing your Splunk account.


User

The Splunk user account used to authenticate.


Password

The password used to authenticate the user.


Enable SSL

Option to create the connection with SSL enabled.

Upload Keystore File

If SSL is enabled, a keystore file has to be uploaded using this option.


Advanced Configuration

This section contains additional configuration parameters.

Include Internal Fields

Whether or not the Splunk connector should push the internal fields. These fields include: user, eventtype, etc.


Add Configuration: Additional properties can be added using this option as key-value pairs.


After entering all the details, click on the TEST button.

If the connection service identification and authentication details are provided correctly, a success message stating “connection available” is generated.

Click on the CREATE button to save the changes.

If the details are incorrect or the server is down, you will get a message “Connection unavailable”.

Top