Splunk Sink
The Splunk sink plugin is available for Preview in the Hub.
This sinks writes data to Splunk Enterprise.
Configuration
Property | Macro Enabled? | Description |
---|---|---|
Reference Name | No | Required. Name used to uniquely identify this sink for lineage, annotating metadata, etc. |
URL | Yes | Required. URL to point to the Splunk server. The format for URL: \<protocol>://\<host>:\<port> (ex: http://localhost:8088). |
Authentication Type | No | Required. Authentication method to access Splunk API. Defaults to Basic Authentication. Query String Authentication can be used in Splunk Cloud only. |
HEC Token | Yes | Optional. The value of token created for authentication to the Splunk API. |
Basic Authentication: Username | Yes | Optional. Login name for authentication to the Splunk API. |
Endpoint | No | Required. Splunk endpoint to send data to. Default is Event. |
Batch Size | Yes | Required. The number of messages to batch before sending. Default is 1. |
Event Metadata | No | Optional. Event metadata string in the JSON export for destination. |
Channel Identifier Header | Yes | Optional. GUID for Splunk Channel. |
Connect Timeout (milliseconds) | Yes | Required. The time in milliseconds to wait for a connection. Set to 0 for infinite. Default is 60000. |
Read Timeout (milliseconds) | Yes | Required. The time in milliseconds to wait for a read. Set to 0 for infinite. Default is 60000. |
Number of Retries | Yes | Required. The number of times the request should be retried if the request fails. Default is 3. Maximum time in milliseconds retries can take. Set to 0 for infinite. |
Max Retry Wait (milliseconds) | Yes | Required. Maximum time in milliseconds retries can take. Set to 0 for infinite. Default is 60000 (1 minute). |
Max Retry Jitter Wait (milliseconds) | Yes | Required. Maximum time in milliseconds added to retries. Default is 100. |
Created in 2020 by Google Inc.