Splunk Sink

The Splunk sink plugin is available for Preview in the Hub.

This sinks writes data to Splunk Enterprise.

Configuration

Property

Macro Enabled?

Description

Property

Macro Enabled?

Description

Reference Name

No

Required. Name used to uniquely identify this sink for lineage, annotating metadata, etc.

URL

Yes

Required. URL to point to the Splunk server. The format for URL: \<protocol>://\<host>:\<port> (ex: http://localhost:8088).

Authentication Type

No

Required. Authentication method to access Splunk API. Defaults to Basic Authentication. Query String Authentication can be used in Splunk Cloud only.

HEC Token

Yes

Optional. The value of token created for authentication to the Splunk API.

Basic Authentication: Username

Yes

Optional. Login name for authentication to the Splunk API.

Endpoint

No

Required. Splunk endpoint to send data to.

Default is Event.

Batch Size

Yes

Required. The number of messages to batch before sending. 

Default is 1.

Event Metadata

No

Optional. Event metadata string in the JSON export for destination.

Channel Identifier Header

Yes

Optional. GUID for Splunk Channel.

Connect Timeout (milliseconds)

Yes

Required. The time in milliseconds to wait for a connection. Set to 0 for infinite. 

Default is 60000.

Read Timeout (milliseconds)

Yes

Required. The time in milliseconds to wait for a read. Set to 0 for infinite. 

Default is 60000.

Number of Retries

Yes

Required. The number of times the request should be retried if the request fails. 

Default is 3. Maximum time in milliseconds retries can take. Set to 0 for infinite. 

Max Retry Wait (milliseconds)

Yes

Required. Maximum time in milliseconds retries can take. Set to 0 for infinite. 

Default is 60000 (1 minute).

Max Retry Jitter Wait (milliseconds)

Yes

Required. Maximum time in milliseconds added to retries.

Default is 100.

Created in 2020 by Google Inc.