Splunk Integration

Caveat: each of the following integration directions was based on the UI when it was written. The UIs may change by the time you read this, so UI updates are beyond the scope of these articles. Please go to the integration target sites for their latest information on integration directions.

Integrating Apica with Splunk

Splunk is an IT infrastructure platform for data collection from multiple online sources to use for, among other things, performance management, monitoring, and data analysis.

Note: To use Splunk with Synthetic Monitoring, you must sign up for a Splunk account.

Splunk Deployment Options

The Splunk integration should work out of the box, but you may want to look into some customizations of the messages at the Splunk end.

Splunk Deployment Options

Splunk Introduction

Introduction

In Splunk, Synthetic Monitoring can be used together to create a customized Dashboard view.

It is then possible to correlate monitoring metrics, such as Response Time and Received Bytes with Apica Synthetic Monitoring metrics from other services on the same dashboard.

In Synthetic Monitoring, Splunk can be used as a target in Synthetic Monitoring, Manage Alerts.

Sample views:

Splunk Dashboard

Alert Target

Splunk Setup

Setup

The Synthetic Monitoring [ASMDOCS:The Apica ASM API can be accessed from Splunk using the Splunk REST API Modular Input] plugin.

Splunk Cloud Deployment

The Splunk alert targets use the Splunk REST API.

For the alerts to work with Splunk Cloud, this requires you to enter the correct host and user credentials settings.

Note: For access to Splunk REST API and SDKs for Splunk Cloud deployment, you need to submit a support case to Splunk requesting access.

Overview

More information

Splunk documentation:

Types of Splunk Cloud deployment

Using the REST API with Splunk Cloud

Managed Deployment

For managed deployments, Splunk Support opens port 8089 for REST access. You can specify a range of IP addresses to control who can access the REST API.

Host value

For Splunk managed deployments, the target Splunk Host is on the format

<deployment-name>.cloud.splunk.com

Credentials

You cannot use SAML authentication with the REST API.

The target Splunk Username to use for self-service deployments, the can be any valid Splunk User.

Self-Service Deployment

For self-service deployments, Splunk Support defines a dedicated user and sends you credentials that enable that user to access the REST API.

Host Value

For self-service deployments, the target Splunk Host is on the format

input-<deployment-name>.cloud.splunk.com

Note the input- at the start of the URL.

Credentials

You cannot use SAML authentication with the REST API.

The target Splunk Host needs to be the dedicated non-SAML user credentials dedicated user provided to you by Splunk Support.

Apica Data in Splunk

Apica Data In Splunk

The data collected from Synthetic Monitoring can be used in the usual ways in Splunk.

Splunk will pull data from WPM every 5 minutes and index the response:

You can now

Search for the data you want
create reports/dashboards:

Configure Endpoint

With the Splunk Add-On installed, you can create an endpoint.

Then you add your headers, content, URL etc for the REST API that you want to pull data from – and you also specify how often you want to poll the data.

Splunk Add-On

The Splunk REST API Modular Input plugin can be used to integrate Synthetic Monitoring with Splunk.

Install Plugin

With the REST API Modular Input you can pull data from a REST API (Synthetic Monitoring in this case) and index the response.

Download the plugin REST API Modular Input
Install the plugin

Additional Scripts

More advanced data endpoints can be created by adding scripts in Splunk.

View

PreviousServiceNow Integration NextMetrics

Was this helpful?

Splunk Integration

Integrating Apica with Splunk

Splunk is an IT infrastructure platform for data collection from multiple online sources to use for, among other things, performance management, monitoring, and data analysis.

Note: To use Splunk with Synthetic Monitoring, you must sign up for a Splunk account.

Splunk Deployment Options

The Splunk integration should work out of the box, but you may want to look into some customizations of the messages at the Splunk end.

Splunk Deployment Options

Splunk Introduction

Introduction

In Splunk, Synthetic Monitoring can be used together to create a customized Dashboard view.

It is then possible to correlate monitoring metrics, such as Response Time and Received Bytes with Apica Synthetic Monitoring metrics from other services on the same dashboard.

In Synthetic Monitoring, Splunk can be used as a target in Synthetic Monitoring, Manage Alerts.

Sample views:

Splunk Dashboard

Alert Target

Splunk Setup

Setup

The Synthetic Monitoring [ASMDOCS:The Apica ASM API can be accessed from Splunk using the Splunk REST API Modular Input] plugin.

Splunk Cloud Deployment

The Splunk alert targets use the Splunk REST API.

For the alerts to work with Splunk Cloud, this requires you to enter the correct host and user credentials settings.

Note: For access to Splunk REST API and SDKs for Splunk Cloud deployment, you need to submit a support case to Splunk requesting access.

Overview

More information

Splunk documentation:

Types of Splunk Cloud deployment

Using the REST API with Splunk Cloud

Managed Deployment

For managed deployments, Splunk Support opens port 8089 for REST access. You can specify a range of IP addresses to control who can access the REST API.

Host value

For Splunk managed deployments, the target Splunk Host is on the format

<deployment-name>.cloud.splunk.com

Credentials

You cannot use SAML authentication with the REST API.

The target Splunk Username to use for self-service deployments, the can be any valid Splunk User.

Self-Service Deployment

For self-service deployments, Splunk Support defines a dedicated user and sends you credentials that enable that user to access the REST API.

Host Value

For self-service deployments, the target Splunk Host is on the format

input-<deployment-name>.cloud.splunk.com

Note the input- at the start of the URL.

Credentials

You cannot use SAML authentication with the REST API.

The target Splunk Host needs to be the dedicated non-SAML user credentials dedicated user provided to you by Splunk Support.

Apica Data in Splunk

Apica Data In Splunk

The data collected from Synthetic Monitoring can be used in the usual ways in Splunk.

Splunk will pull data from WPM every 5 minutes and index the response:

You can now

Search for the data you want
create reports/dashboards:

Configure Endpoint

With the Splunk Add-On installed, you can create an endpoint.

Then you add your headers, content, URL etc for the REST API that you want to pull data from – and you also specify how often you want to poll the data.

Splunk Add-On

The Splunk REST API Modular Input plugin can be used to integrate Synthetic Monitoring with Splunk.

Install Plugin

With the REST API Modular Input you can pull data from a REST API (Synthetic Monitoring in this case) and index the response.

Download the plugin REST API Modular Input
Install the plugin

Additional Scripts

More advanced data endpoints can be created by adding scripts in Splunk.

View

PreviousServiceNow Integration NextMetrics

Was this helpful?