Splunk Connection
See the Connector Marketplace topic. Please request your administrator to start a trial or subscribe to the Premium Splunk connector.
This topic describes how to authenticate to Splunk and configure any necessary connection properties in the Splunk connection connector.
Connection Configuration
Each connection property available in the Splunk connector is explained below.
Connection Name
The name of the connection to be created should be provided. This is the name that will display on the list of available connections.
Auth Scheme
The type of authentication to use when connecting to Splunk.
Possible Values
Basic: Set to this to perform a basic authentication.
Access Token: Set this to perform Token Based Authentication via the
AccessToken
property.
URL
The URL to your Splunk endpoint.
Example: https://yoursitename.splunk.com:8089.
The port should be set to the Splunk management port (default 8089).
Access Token
The Access Token used for accessing your Splunk account.
User
The Splunk user account used to authenticate.
Password
The password used to authenticate the user.
Enable SSL
Option to create the connection with SSL enabled.
Upload Keystore File
If SSL is enabled, a keystore file has to be uploaded using this option.
Advanced Configuration
This section contains additional configuration parameters.
Include Internal Fields
Whether or not the Splunk connector should push the internal fields. These fields include: user, eventtype, etc.
Add Configuration: Additional properties can be added using this option as key-value pairs.
After entering all the details, click on the TEST button.
If the connection service identification and authentication details are provided correctly, a success message stating “connection available” is generated.
Click on the CREATE button to save the changes.
If the details are incorrect or the server is down, you will get a message “Connection unavailable”.
If you have any feedback on Gathr documentation, please email us!