Splunk
This page describes how to configure a Splunk integration with a Spherical CloudFormation stack.
Pre-installation configuration
Before you install a Spherical stack, you must first set up a HTTP Event Collector in your installation of Splunk.
For Splunk Enterprise or self-service Splunk Cloud, first go to 'Settings'.
Click 'Data inputs' and navigate to 'HTTP Event Collector'.
Click 'Global Settings'.
Click the Enable button, and then click Save. (For more information, see "Enable HTTP Event Collector" in the Getting Data in the Splunk manual).
Note: For managed Splunk Cloud, submit a support ticket to have the feature enabled.
Create at least one input token. You'll need this token later.
Token
For Splunk Enterprise or self-service Splunk Cloud, click the 'Add New' button.
Proceed through the 'Add Data' workflow until you've successfully created a token. (For more information, see 'Create an Event Collector' token in the 'Getting Data In' Splunk manual).
For managed Splunk Cloud, submit a support ticket to create or manage a token.
Splunk URL
In addition to an authorisation token, you also need a Splunk URL. This varies depending on your type of Splunk deployment.
Enterprise: <protocol>://<host>:<port>/<endpoint>
Managed Cloud: <protocol>://http-inputs-<host>:<port>/<endpoint>
Self-Service Cloud: <protocol>://input-<host>:<port>/<endpoint>
Once you have got both a Splunk URL and a Token, you can go ahead and create a Spherical stack using CloudFormation.
Last updated