Splunk destination plugin
Splunk is a popular platform for collecting, analyzing, and visualizing machine-generated data, including logs, metrics, and other telemetry data. The Splunk Destination Plugin in Calyptia Core allows you to seamlessly integrate your telemetry data with Splunk, enabling you to store, analyze, and visualize your data using data analytics and visualization tools within Splunk. With the Splunk destination plugin, you can configure your Calyptia Core pipeline to send your telemetry data to Splunk.
Configuration parameters
The Splunk destination plugin provides these configuration parameters.
General
Key | Description |
---|---|
Host | IP address or hostname of the target Splunk service. |
Port | TCP port of the target Splunk service. |
Compress | Set payload compression mechanism. |
Splunk HTTP Token* | Specify the Authentication Token for the HTTP Event Collector interface. |
Security and TLS
Key | Description |
---|---|
TLS | Enable or disable TLS/SSL support. |
TLS Certificate Validation | Turn TLS/SSL certificate validation on or off. TLS must be on for this setting to be enabled. |
TLS Debug Level | Set TLS debug verbosity level. Accepts these values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose). |
CA Certificate File Path | Absolute path to CA certificate file. |
Certificate File Path | Absolute path to certificate file. |
Private key File Path | Absolute path to private key file. |
Private Key Path Password | Optional password for tls.key_file file. |
TLS SNI Hostname Extension | Hostname to be used for TLS SNI extension. |
Advanced networking
Key | Description |
---|---|
DNS Mode | Select the primary DNS connection type (TCP or UDP). |
DNS Resolver | Select the primary DNS connection type (TCP or UDP). |
Prefer IPv4 | Prioritize IPv4 DNS results when trying to establish a connection. |
Keepalive | Enable or disable Keepalive support. |
Keepalive Idle Timeout | Set maximum time allowed for an idle Keepalive connection. |
Max Connect Timeout | Set maximum time allowed to establish a connection. Time includes the TLS handshake. |
Max Connect Timeout Log Error | On connection timeout, specify if it should log an error. When disabled, the timeout is logged as a debug message. |
Max Keepalive Recycle | Set maximum number of times a keepalive connection can be used before it is retired. |
Source Address | Specify network address to bind for data traffic. |
Basic authentication
Key | Description |
---|---|
HTTP Username | Basic Auth Username. |
HTTP Password | Basic Auth Password. Requires HTTP_User to be set. |
Debugging
Key | Description |
---|---|
HTTP Buffer Size | Specify the buffer size used to read the response from the Splunk HTTP service. This option is useful for debugging purposes where is required to read full responses. Response size grows depending of the number of records inserted. To set an unlimited amount of memory set this value to false, otherwise the value must be according to the Unit Size specification |
Enable HTTP Debug Bad Request | If the HTTP server response code is 400 (bad request) and this flag is enabled, it will print the full HTTP request and response to the stdout interface. This feature is available for debugging purposes. |