splunk

Splunk Integration Pack

Basic integration with Splunk Enterprise, Splunk Cloud, or Splunk Light: http://www.splunk.com/en_us/products.html

Configuration

Copy the example configuration in splunk.yaml.example to /opt/stackstorm/configs/splunk.yaml and edit as required.

It should contain:

host - Splunk server
port - Splunk API port (default 8089)
username - Splunk username
password - Splunk password

You can also use dynamic values from the datastore. See the docs for more info.

Actions

search

Runs a synchronous search to get Splunk data. E.g., st2 run splunk.search query='search * | head 10. Refer to Splunk documentation for search query syntax.

Sensors

TBD

Name		Name	Last commit message	Last commit date
parent directory ..
actions		actions
aliases		aliases
CHANGES.md		CHANGES.md
README.md		README.md
config.schema.yaml		config.schema.yaml
icon.png		icon.png
pack.yaml		pack.yaml
requirements.txt		requirements.txt
splunk.yaml.example		splunk.yaml.example

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

splunk

splunk

README.md

Splunk Integration Pack

Configuration

Actions

search

Sensors

Files

splunk

Directory actions

More options

Directory actions

More options

Latest commit

History

splunk

Folders and files

parent directory

README.md

Splunk Integration Pack

Configuration

Actions

search

Sensors