Blog
Configuration Level - Hard
In order to start using the Splunk integration, you will first need to configure it within Polarity.
Splunk Enterprise ->
For Splunk Enterprise you will need to have your Splunk admin create a Token.
Splunk Cloud -> Splunk cloud uses basic authentication, it is recommended to use a service account with the appropriate access.
Splunk Enterprise
Rest API URL and Port - Port used by Splunks Rest API. Typically this is 8089
Search URL - URL used to link out to Splunk to execute the search.
Token - Token created for a rest api user in Splunk. This is typically generated by a Splunk admin and requires version 7 or greater.
Search - Search you want Polarity to perform in Splunk.
Summary Tags - Data fields to use as Polarity summary tags
Splunk Cloud - Please contact your Splunk Support team to enable the Rest API on your cloud instance.
Rest API URL and Port - Port used by Splunks Rest API. Typically this is 8089
Search URL - URL used to link out to Splunk to execute the search.
Username and Password - Splunk cloud uses basic authentication for the rest API.
Search - Search you want Polarity to perform in Splunk.
Summary Tags - Data fields to use as Polarity summary tags