Splunk - Alerts Integration

Splunk is a powerful tool that enables you to easily collect, monitor, and analyze all kinds of logs and machine data from multiple sources.  NetBeez is able to integrate with and automatically send data to Splunk.


Integration Setup

Note:  These instructions assume that you have an active installation of Splunk.

  1. On your Splunk dashboard, enable HTTP Event Collector by following the step-by-step procedure in Splunk's HTTP Event Collector walkthrough.
  2. On the NetBeez dashboard, go to Settings and open the Integrations panel.
  3. Input your HTTP Event Collector (EC) token into the EC token field.
  4. Input your Splunk hostname into the Server URL field and specify port 8088. Important note for Splunk Cloud:  depending on the type of Splunk installation, you may need to modify the URL.
    • For self-service Splunk Cloud plans, add “input-” to the start of the URL (e.g. https://input-<your_instance>.cloud.splunk.com:8088)
    • For other Splunk Cloud plans, add “http-inputs-” to the start of the URL (e.g. https://http-inputs-<your_instance>.cloud.splunk.com:8088)
  5. Click the Test button.  If successful, you will see a green checkmark.
  6. Select the items for which you would like to receive Splunk notifications.  The options are incidents and alerts.  If you change these settings, be sure to Save.
  7. If you wish, return to your Splunk dashboard and click Search to run a search for your new data.  For example, you could try source="http:<token_name>" if you’d like to see all events coming via your new token.
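
The Server URL rules in step 4 and the connectivity test in step 5 can be reproduced from a shell before entering anything in the NetBeez dashboard. This is an added example, not NetBeez or Splunk code: the function names, the plan labels and the SPLUNK_HEC_TOKEN variable are assumptions, as is HTTPS on a self-hosted collector. It posts to Splunk's standard HEC endpoint, /services/collector/event.

```shell
#!/bin/sh
# Added example. Plan labels are chosen here: selfhosted | cloud-selfservice | cloud-other

# hec_base_url PLAN HOST -> prints the Server URL described in step 4.
hec_base_url() {
    plan=$1
    host=$2
    # Keep only the bare hostname if a scheme, path or port was pasted in.
    host=${host#http://}; host=${host#https://}
    host=${host%%/*}; host=${host%%:*}
    [ -n "$host" ] || { echo "missing hostname" >&2; return 2; }
    case $plan in
        selfhosted)        prefix= ;;
        cloud-selfservice) prefix=input- ;;
        cloud-other)       prefix=http-inputs- ;;
        *) echo "unknown plan: $plan" >&2; return 2 ;;
    esac
    # Do not prepend the prefix a second time if the hostname already has it.
    case $host in
        "$prefix"*) ;;
        *) host=$prefix$host ;;
    esac
    printf 'https://%s:8088\n' "$host"
}

# hec_send_test BASE_URL -> returns 0 if Splunk accepted a test event.
# The token comes from $SPLUNK_HEC_TOKEN and reaches curl on stdin (-H @-),
# so it never appears in curl's argument list. TLS verification stays on.
hec_send_test() {
    [ -n "${SPLUNK_HEC_TOKEN:-}" ] || { echo "set SPLUNK_HEC_TOKEN" >&2; return 2; }
    resp=$(printf 'Authorization: Splunk %s\n' "$SPLUNK_HEC_TOKEN" |
        curl --silent --show-error --max-time 10 -H @- \
             -d '{"event": "HEC connectivity test (constructed sample event)"}' \
             "$1/services/collector/event") || return 1
    # HEC answers {"text":"Success","code":0} when it accepts the event.
    case $resp in
        *'"text":"Success"'*) return 0 ;;
        *) echo "HEC rejected the event: $resp" >&2; return 1 ;;
    esac
}

# Usage (hostname is a placeholder):
#   SPLUNK_HEC_TOKEN=... hec_send_test "$(hec_base_url cloud-other example.cloud.splunk.com)"
```

Set SPLUNK_HEC_TOKEN from a secrets store or a file readable only by you rather than typing it on the command line, where it would land in shell history.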