TELEMETRY PIPELINE
Splunk HEC

Splunk HEC source plugin

The Splunk HEC plugin lets you ingest log data from the Splunk HTTP Event Collector.

Supported telemetry types

This plugin supports these telemetry types:

LogsMetricsTraces

Configuration parameters

Use the parameters in this section to configure your plugin. The Telemetry Pipeline web interface uses the values in the Name column to describe the parameters. Items in the Key column are the YAML keys to use in pipeline configuration files.

General

NameKeyDescriptionDefault
Address to Listen OnlistenRequired. The address to listen on.0.0.0.0
PortportRequired. The port for Telemetry Pipeline to listen on.9880
Tag KeytagSpecifies the key name to overwrite a tag. If set, the value of that key overwrites the tag.none
Buffer Max Sizebuffer_max_sizeSpecifies the maximum buffer size in KB to receive a JSON message.4M
Buffer Chunk Sizebuffer_chunk_sizeRequired. Sets the chunk size for incoming JSON messages. Chunks are stored and managed in the space available by buffer_max_size.512K
Splunk Tokensplunk_tokenYour Splunk token for HTTP HEC.none

Security and TLS

NameKeyDescriptionDefault
TLStlsEnables or disables TLS/SSL support. Accepted values: true, false.false
TLS Certificate Validationtls.verifyEnables or disables TLS/SSL certificate validation. TLS must be enabled for certificates to be validated. Accepted values: off, on.on
TLS Debug Leveltls.debugSets TLS debug verbosity level. Accepted values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose).1
CA Certificate File Pathtls.ca_fileAbsolute path to CA certificate file.none
Certificate File Pathtls.crt_fileAbsolute path to certificate file.none
Private Key File Pathtls.key_fileAbsolute path to private key file.none
Private Key Path Passwordtls.key_passwdPassword for private key file.none
TLS SNI Hostname Extensiontls.vhostHostname to be used for TLS SNI extension.none