Splunk

Splunk produces software for searching, monitoring, and analyzing machine-generated big data via a web-style interface.

Use the SEI Splunk integration to integrate SEI with Splunk.

Note: This SEI integration is under development. It provides limited integration support in its current state.

Configure the integration on cloud

  1. Select Integrations under Settings.

  2. Select Available Integrations, locate the Splunk integration, and select Install.

  3. Configure and save the integration.

    1. Add the URL of your Splunk instance

    2. Add your splunk username for authentication

    3. Add your Splunk API Key or Authentication token that you previously generated.

  4. Specify any relevant options (Ignore Server Cert, Is Splunk Cloud)

  5. Description and Tags are optional

  6. Finish configuration and save the integration.

Configure the integration using satellite

The steps for configuring the integration using satellite is similar to configuring the integration on cloud, with the exception of using satellite to communicate with the Splunk server.

Make sure to select the satellite integration checkbox while configuring the integration. Once you save the integration a satellite.yml file will be automatically generated and downloaded to your computer. Update it following the instructions here.

Here’s a sample satellite.yml file

satellite:
  tenant: foo
  api_key: <sei-api-key>
  url: 'https://testapi1.propelo.ai'
integrations:
  - id: '4712'
    application: splunk
    url: 'https://www.splunk.com/'
    username: codewdhruv
    api_key: <splunk-api-key>
    metadata:
      ignore_server_cert: true
      is_splunk_cloud: true

If you encounter any issues during the integration process, go to the Satellite integration Troubleshooting and FAQs.

Last updated