• Guides
• Endpoint Splunk

While configuring data streamings, you need to set up a specific endpoint to stream your Azion data.

Continue reading for a step by step on how to connect an Splunk endpoint to receive data from Data Streaming.

To use Splunk as a destination for your logs, you’ll need to:

1. Create a Splunk account.
2. Create and configure a HTTP Event Collector (HEC) instance corresponding to the type of Splunk instance you’re using.
3. Save your event collector URL.
4. Create a HEC token.
5. Enable the created HEC token.
6. Save the HEC token you’ve enabled and your event’s connector URL.

The URL structure for your event collector varies depending on the Splunk instance you’re using:

Find more details about configurations in the Splunk documentation page.

Next, follow these steps to configure the new endpoint you created in Splunk in your Azion Data Streaming.

You can find detailed steps for the entire configuration on the How to use Data Streaming guide.

In the Destination configurations:

1. On the Endpoint Type dropdown menu, select Splunk.
2. On Splunk URL, add the URL from your Splunk event’s connector. If you have an alternative index to point, you can add it at the end of the URL. Example: https://inputs.splunkcloud.com:8080/services/collector?index=myindex
3. On API Key, add the HTTP Event Collector Token provided in your Splunk installation. Example: cret248d6-22p8-95gw-g5ke-6k45w2sal634
4. Make sure the Active switch is on.
5. Click the Save button.

After saving the configurations, your data will be streamed to the newly configured endpoint.

You can keep track of the calls made by Data Streaming to Splunk on Real-Time Events. To do so, select Data Source > Data Streaming and choose the filters options as you wish.

Splunk is a registered trademark of Splunk Inc in the United States and other countries.

Contributors