Introduction

The Splunk plugins 

Splunk Enterprise is a fully featured, powerful platform for collecting, searching, monitoring and analyzing machine data. Splunk Enterprise is easy to deploy and use. It turns machine data into rapid visibility, insight and intelligence. 

Use case(s)

User Storie(s)

  • As a pipeline developer, I would like to write relevant and filtered machine level data to Splunk for log analysis
  • As a pipeline developer, I would like to filter and transform relevant fields to send to Splunk for analysis. The destination sends HTTP POST requests to the HEC endpoint using the JSON data format. The destination generates one HTTP request for each batch, sending multiple records at a time.
  • As a pipeline developer, I would like to ensure the records and relevant metadata are transformed into the correct format needed by Splunk HTTP Event Collector (Splunk HEC). Each record must contain the event data and, optionally, the event metadata in the format required by Splunk.
  • As a pipeline developer, I would like to send HTTP POST requests to Splunk HEC in JSON. One HTTP request is generated for one batch of records sent to Splunk HEC.
  • As a pipeline developer, I would like to get an error if the data is not written successfully to Splunk HTTP Event Collector (Splunk HEC).
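
The batch format these stories describe, as an added example in Python (not the plugin's own code): one POST body per batch, each record wrapped as a HEC event with optional metadata, gzip applied when selected, and a failure raised when HEC does not acknowledge the write. The endpoint URL, token and records are constructed placeholders, the function names are hypothetical, and the HTTPS check is an assumption of this example rather than a stated requirement.

```python
import gzip
import json
from urllib.parse import urlsplit

# Metadata keys HEC accepts next to "event"; anything else is refused here.
HEC_METADATA_KEYS = {"time", "host", "source", "sourcetype", "index", "fields"}

def to_hec_event(record, metadata=None):
    """Wrap one pipeline record as a HEC event object."""
    metadata = metadata or {}
    unknown = set(metadata) - HEC_METADATA_KEYS
    if unknown:
        raise ValueError(f"unsupported HEC metadata keys: {sorted(unknown)}")
    if record in (None, "", {}):
        raise ValueError("HEC requires a non-blank event field")
    return {**metadata, "event": record}

def build_batch_request(endpoint, token, records, metadata=None, compression="none"):
    """Return (url, headers, body) for ONE POST carrying the whole batch."""
    if urlsplit(endpoint).scheme != "https":
        # The HEC token is a bearer credential; keep it off cleartext links.
        raise ValueError("HEC endpoint must use https")
    # HEC batching: event objects concatenated back to back in one body.
    events = (to_hec_event(r, metadata) for r in records)
    body = "".join(json.dumps(e, separators=(",", ":")) for e in events).encode("utf-8")
    headers = {"Authorization": f"Splunk {token}", "Content-Type": "application/json"}
    if compression == "gzip":
        body = gzip.compress(body)
        headers["Content-Encoding"] = "gzip"
    elif compression != "none":
        raise ValueError(f"compression {compression!r} is not handled in this example")
    return endpoint, headers, body

def check_hec_response(status, text):
    """Raise if HEC did not acknowledge the batch, so the pipeline run fails."""
    try:
        code = json.loads(text).get("code")
    except (ValueError, AttributeError):
        code = None
    if status != 200 or code != 0:
        raise RuntimeError(f"HEC write failed: HTTP {status}, body {text[:200]!r}")

# Constructed sample batch; endpoint host and token are placeholders.
SAMPLE = build_batch_request(
    "https://splunk.example.com:8088/services/collector/event",
    "00000000-0000-0000-0000-000000000000",
    [{"msg": "login ok"}, {"msg": "login failed"}],
    {"sourcetype": "pipeline"}, "gzip")
```
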

Plugin Type

  •  Batch Source
  •  Batch Sink 
  •  Real-time Source
  •  Real-time Sink
  •  Action
  •  Post-Run Action
  •  Aggregate
  •  Join
  •  Spark Model
  •  Spark Compute

Configurables

This integration should be built using two plugins:

Zendesk single object

Used when you want to pull only a single object from Zendesk

| User Facing Name | Type | Description | Optional | Constraints |
| --- | --- | --- | --- | --- |
| Admin email | text | should validate email. | No | |
| API token | text | Can be obtained from the Zendesk Support Admin interface. Check out Zendesk's documentation for API Token generation | No | |
| Objects to pull | select | Select an object to pull from Zendesk. Comments, Groups, Organizations, Satisfaction Ratings, Tags, Ticket Events, Ticket Fields, Ticket Metrics, Ticket Metrics Events, Tickets, Users | No | Defaults to all. |

Zendesk multi-object

Used when you want to pull only a single object from Zendesk

| User Facing Name | Type | Description | Optional | Constraints |
| --- | --- | --- | --- | --- |
| Admin email | text | should validate email. | No | |
| API token | text | Can be obtained from the Zendesk Support Admin interface. Check out Zendesk's documentation for API Token generation | No | |
| Objects to pull | multi-select | Select a list of objects to pull from Zendesk. Comments, Groups, Organizations, Satisfaction Ratings, Tags, Ticket Events, Ticket Fields, Ticket Metrics, Ticket Metrics Events, Tickets, Users | Yes | Defaults to all. |
| Objects to skip | multi-select | Select a list of objects to skip from Zendesk. All other objects will be pulled. | Yes | Only used when Objects to pull is not specified |

The plugin should output one record per row in Zendesk, with an additional field specifying the object where the record came from. Refer to the Salesforce multi-objects plugin for examples.

The following fields must be configurable for the plugin:


API Endpoint
Splunk API Endpoint
Example

HEC Token
HEC Token

HTTP Compression
Compression format for the messages:
  • None
  • Snappy
  • Gzip

Connect Timeout
The time in milliseconds to wait for a connection. Set to 0 for infinite. Defaults to 60000 (1 minute).

Read Timeout
The time in milliseconds to wait for a connection. Set to 0 for infinite. Defaults to 60000 (1 minute).



Authentication Type
Determines the authentication type used to connect to the server:
  • None - Performs no authentication.
  • Basic - Uses basic authentication. Requires a username and password.

    Use with HTTPS to avoid passing unencrypted credentials.

  • Digest - Uses digest authentication. Requires a username and password.
  • Universal - Makes an anonymous connection, then provides authentication credentials upon receiving a 401 status and a WWW-Authenticate header request.

    Requires a username and password associated with basic or digest authentication.

    Use only with servers that respond to this workflow.

  • OAuth - Uses OAuth 1.0 authentication. Requires OAuth credentials.

Use Proxy

Enables using an HTTP proxy to connect to the system.


Design / Implementation Tips

  • Tip #1
  • Tip #2

Design

Approach(s)

Properties

Security

Limitation(s)

Future Work

  • Some future work – HYDRATOR-99999
  • Another future work – HYDRATOR-99999

Test Case(s)

  • Test case #1
  • Test case #2

Sample Pipeline

Please attach one or more sample pipeline(s) and associated data. 

Pipeline #1

Pipeline #2



Checklist

  •  User stories documented 
  •  User stories reviewed 
  •  Design documented 
  •  Design reviewed 
  •  Feature merged 
  •  Examples and guides 
  •  Integration tests 
  •  Documentation for feature 
  •  Short video demonstrating the feature