|
Creating Data Extract from Splunk
The Splunk connector allows the retrieval of data from a Splunk instance.
Steps:
1. On the New Data Extract page, select Splunk in the Connector drop-down list.
2. Enter the following properties:
|
Property |
Description |
|
Host |
Splunk host address. |
|
Port |
Splunk host port. Default is 8089. |
|
User Id |
The user Id that will be used to connect to the Splunk service. |
|
Password |
The password that will be used to connect to the Splunk service. |
3. Select the Search Type:
· Manual
Proceed to step 6 to define a new search query.
· Saved Search
Allows you to select in the Saved Search drop-down list.
4. Click 
to
populate the Application drop-down list and select one.
5. Select whether the parameters should be automatically enclosed in quotes by checking the Enclose parameters in quotes box.
6. Enter a Search Query.
7. Click 
to save and display the details of the data extract.
8. Click
then 
to display the data
preview.