Splunk Connection

See the Connector Marketplace topic. Please request your administrator to start a trial or subscribe to the Premium Splunk connector.

This topic describes how to authenticate to Splunk and configure any necessary connection properties in the Splunk connection connector.

Connection Configuration #

Each connection property available in the Splunk connector is explained below.

Connection Name #

The name of the connection to be created should be provided. This is the name that will display on the list of available connections.

Auth Scheme #

The type of authentication to use when connecting to Splunk.

Possible Values

• Basic: Set to this to perform a basic authentication.

• Access Token: Set this to perform Token Based Authentication via the AccessToken property.

URL #

The URL to your Splunk endpoint.

Example: https://yoursitename.splunk.com:8089.

The port should be set to the Splunk management port (default 8089).

Access Token #

The Access Token used for accessing your Splunk account.

User #

The Splunk user account used to authenticate.

Password #

The password used to authenticate the user.

Enable SSL #

Option to create the connection with SSL enabled.

Upload Keystore File #

If SSL is enabled, a keystore file has to be uploaded using this option.

Advanced Configuration #

This section contains additional configuration parameters.

Include Internal Fields #

Whether or not the Splunk connector should push the internal fields. These fields include: user, eventtype, etc.

Add Configuration: Additional properties can be added using this option as key-value pairs.

After entering all the details, click on the TEST button.

If the connection service identification and authentication details are provided correctly, a success message stating “connection available” is generated.

Click on the CREATE button to save the changes.

If the details are incorrect or the server is down, you will get a message “Connection unavailable”.