1 of 20
2 of 20
3 of 20
4 of 20
5 of 20
6 of 20
7 of 20
8 of 20
9 of 20
10 of 20
11 of 20
12 of 20
13 of 20
14 of 20
15 of 20
16 of 20
17 of 20
18 of 20
19 of 20
20 of 20

doc

How to use Splunk to receive data from Data Streaming

While configuring data streamings, you need to set up a specific endpoint to stream your Azion data.

Continue reading for a step by step on how to connect an Splunk endpoint to receive data from Data Streaming.

  1. Splunk requirements
  2. Configuring the endpoint in Data Streaming

1. Splunk requirements

To use Splunk as a destination for your logs, you’ll need to:

  1. Create a Splunk account.
  2. Create and configure a HTTP Event Collector (HEC) instance corresponding to the type of Splunk instance you’re using.
  3. Save your event collector URL.
  4. Create a HEC token.
  5. Enable the created HEC token.
  6. Save the HEC token you’ve enabled and your event’s connector URL.

The URL structure for your event collector varies depending on the Splunk instance you’re using:

Instance Type URL
Self-hosted https://<host>:<port>/services/collector/event
Self-service Splunk Cloud plans https://input-<host>:<port>/services/collector/event
Other Splunk Cloud plans <protocol>://http-inputs-<host>:<port>/services/collector/event

Find more details about configurations in the Splunk documentation page.

2. Configuring the endpoint in Data Streaming

Next, follow these steps to configure the new endpoint you created in Splunk in your Azion Data Streaming.

You can find detailed steps for the entire configuration on the How to use Data Streaming guide.

In the Destination configurations:

  1. On the Endpoint Type dropdown menu, select Splunk.
  2. On Splunk URL, add the URL from your Splunk event’s connector. If you have an alternative index to point, you can add it at the end of the URL. Example: https://inputs.splunkcloud.com:8080/services/collector?index=myindex
  3. On API Key, add the HTTP Event Collector Token provided in your Splunk installation. Example: cret248d6-22p8-95gw-g5ke-6k45w2sal634
  4. Make sure the Active switch is on.
  5. Click the Save button.

After saving the configurations, your data will be streamed to the newly configured endpoint.

You can keep track of the calls made by Data Streaming to Splunk on Real-Time Events. To do so, select Data Source > Data Streaming and choose the filters options as you wish.

Trademarks

Splunk is a registered trademark of Splunk Inc in the United States and other countries.

Didn’t find what you were looking for? Open a support ticket.