Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Introduction

Splunk Enterprise is a fully featured, powerful platform for collecting, searching, monitoring and analyzing machine data. Splunk Enterprise is easy to deploy and use. It turns machine data into rapid visibility, insight and intelligence. 

Use case(s)

User Storie(s)

  • As a pipeline developer, I would like to write relevant machine level data to Splunk for analysis
  • As a pipeline developer, I would like to filter and transform relevant fields to send to Splunk for analysis
  • As a pipeline developer I would like to ensure the records and relevant metadata are transformed into the correct format needed by Splunk HTTP Event Collector (Splunk HEC). Each record must contain event data and optional metadata in required format.
  • As a pipeline developer, I would like to send HTTP POST requests to Spunk HEC in JSON. One request is generated for one batch of records to Splunk HEC
  • As a pipeline developer, I would like to get an error if the data is not written successfully to Spunk HTTP Event Collector (Splunk HEC)

Plugin Type

  • Batch Source
  • Batch Sink 
  • Real-time Source
  • Real-time Sink
  • Action
  • Post-Run Action
  • Aggregate
  • Join
  • Spark Model
  • Spark Compute

Configurables

Following fields must be configurable for the plugin:


API EndpointSplunk API EndpointExample
HEC TokenHEC Token
HTTP CompressionCompression format for the messages:
  • None
  • Snappy
  • Gzip

Connect Timeout
The time in milliseconds to wait for a connection. Set to 0 for infinite. Defaults to 60000 (1 minute).

Read Timeout
The time in milliseconds to wait for a connection. Set to 0 for infinite. Defaults to 60000 (1 minute).



Authentication TypeDetermines the authentication type used to connect to the server:
  • None - Performs no authentication.
  • Basic - Uses basic authentication. Requires a username and password.

    Use with HTTPS to avoid passing unencrypted credentials.

  • Digest - Uses digest authentication. Requires a username and password.
  • Universal - Makes an anonymous connection, then provides authentication credentials upon receiving a 401 status and a WWW-Authenticate header request.

    Requires a username and password associated with basic or digest authentication.

    Use only with servers that respond to this workflow.

  • OAuth - Uses OAuth 1.0 authentication. Requires OAuth credentials.

Use Proxy

Enables using an HTTP proxy to connect to the system.


Design / Implementation Tips

  • Tip #1
  • Tip #2

Design

Approach(s)

Properties

Security

Limitation(s)

Future Work

  • Some future work – HYDRATOR-99999
  • Another future work – HYDRATOR-99999

Test Case(s)

  • Test case #1
  • Test case #2

Sample Pipeline

Please attach one or more sample pipeline(s) and associated data. 

Pipeline #1

Pipeline #2



Table of Contents

Checklist

  • User stories documented 
  • User stories reviewed 
  • Design documented 
  • Design reviewed 
  • Feature merged 
  • Examples and guides 
  • Integration tests 
  • Documentation for feature 
  • Short video demonstrating the feature
  • No labels

Created in 2020 by Google Inc.