Splunk

Splunk Destination Plugin

Splunk is a popular platform for collecting, analyzing, and visualizing machine-generated data, including logs, metrics, and other telemetry data. The Splunk Destination Plugin in Calyptia Core allows you to seamlessly integrate your telemetry data with Splunk, enabling you to store, analyze, and visualize your data using Splunk's powerful data analytics and visualization tools. With the Splunk Destination Plugin, you can easily configure your Calyptia Core pipeline to send your telemetry data to Splunk.

Configuration Parameters

The following are configuration Parameters for Splunk Destination Plugin.

Key	Destination
Host	IP address or hostname of the target Splunk service
Port	TCP port of the target Splunk service.
Compress	Set payload compression mechanism.
Splunk HTTP Token*	Specify the Authentication Token for the HTTP Event Collector interface

Key

Destination

Host

IP address or hostname of the target Splunk service

Port

TCP port of the target Splunk service.

Compress

Set payload compression mechanism.

Splunk HTTP Token*

Specify the Authentication Token for the HTTP Event Collector interface

The following are Security and TLS configuration Parameters for Splunk Destination Plugin.

Key	Description
TLS	Enable or Disable TLS/SSL support
TLS Certificate Validation	Turn TLS/SSL certificate validation on / off, TLS must be on for this setting to be enabled.
TLS Debug Level	Set TLS debug verbosity level. It accepts the following values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), and 4 Verbose
CA Certificate File Path	Absolute path to CA certificate file
Certificate File Path	Absolute path to Certificate file
Private key File Path	Absolute path to private Key file
Private Key Path Password	Optional password for tls.key_file file
TLS SNI Hostname Extension	Hostname to be used for TLS SNI Extension

Key

Description

TLS

Enable or Disable TLS/SSL support

TLS Certificate Validation

Turn TLS/SSL certificate validation on / off, TLS must be on for this setting to be enabled.

TLS Debug Level

Set TLS debug verbosity level. It accepts the following values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), and 4 Verbose

CA Certificate File Path

Absolute path to CA certificate file

Certificate File Path

Absolute path to Certificate file

Private key File Path

Absolute path to private Key file

Private Key Path Password

Optional password for tls.key_file file

TLS SNI Hostname Extension

Hostname to be used for TLS SNI Extension

The following are Advanced Networking configuration Parameters for Splunk Destination Plugin.

Key	Description
DNS Mode	Select the primary DNS connection type (TCP or UDP)
DNS Resolver	Select the primary DNS connection type (TCP or UDP)
Prefer IPv4	Prioritize IPv4 DNS results when trying to establish a connection
Keepalive	Enable or disable Keepalive support
Keepalive Idle Timeout	Set maximum time allowed for an idle Keepalive connection
Max Connect Timeout	Set maximum time allowed to establish a connection, this time includes the TLS handshake
Max Connect Timeout Log Error	On connection timeout, specify if it should log an error. When disabled, the timeout is logged as a debug message
Max Keepalive Recycle	Set maximum number of times a keepalive connection can be used before it is retired.
Source Address	Specify network address to bind for data traffic

Key

Description

DNS Mode

Select the primary DNS connection type (TCP or UDP)

DNS Resolver

Select the primary DNS connection type (TCP or UDP)

Prefer IPv4

Prioritize IPv4 DNS results when trying to establish a connection

Keepalive

Enable or disable Keepalive support

Keepalive Idle Timeout

Set maximum time allowed for an idle Keepalive connection

Max Connect Timeout

Set maximum time allowed to establish a connection, this time includes the TLS handshake

Max Connect Timeout Log Error

On connection timeout, specify if it should log an error. When disabled, the timeout is logged as a debug message

Max Keepalive Recycle

Set maximum number of times a keepalive connection can be used before it is retired.

Source Address

Specify network address to bind for data traffic

The following are Basic Authentication configuration Parameters for Splunk Destination Plugin.

Key	Description
HTTP Username	Basic Auth Username
HTTP Password	Basic Auth Password. Requires HTTP_User to be set

Key

Description

HTTP Username

Basic Auth Username

HTTP Password

Basic Auth Password. Requires HTTP_User to be set

The following are Debugging configuration Parameters for Splunk Destination Plugin.

Key	Description
HTTP Buffer Size	Specify the buffer size used to read the response from the Splunk HTTP service. This option is useful for debugging purposes where is required to read full responses, note that response size grows depending of the number of records inserted. To set an unlimited amount of memory set this value to false, otherwise the value must be according to the Unit Size specification
Enable HTTP Debug Bad Request	If the HTTP server response code is 400 (bad request) and this flag is enabled, it will print the full HTTP request and response to the stdout interface. This feature is available for debugging purposes.

Key

Description

HTTP Buffer Size

Specify the buffer size used to read the response from the Splunk HTTP service. This option is useful for debugging purposes where is required to read full responses, note that response size grows depending of the number of records inserted. To set an unlimited amount of memory set this value to false, otherwise the value must be according to the Unit Size specification

Enable HTTP Debug Bad Request

If the HTTP server response code is 400 (bad request) and this flag is enabled, it will print the full HTTP request and response to the stdout interface. This feature is available for debugging purposes.

PreviousStandard Output NextElasticsearch

Last updated 6 months ago