search
PricingSign inRequest a Demo

Splunk (HEC)

Splunk Authentication Token and network access to the Splunk indexer.

hashtag
Creating a Splunk Token

Got to the Settings Menu--> Tokens

Bindplane docs - Splunk HEC - image 1

Example: Creating a Token within Splunk

Bindplane docs - Splunk HEC - image 2

hashtag
Network Requirements

Network access to the Splunk indexer, TCP: 8088 is the default.

hashtag
Supported Platforms

Platform
Logs
Metrics
Traces

Linux

Windows

macOS

hashtag
Configuration Table

Parameter
Type
Default
Description

token

string

Authentication token used when connecting to the HTTP Event Collector.

index

string

Optional name of the Splunk index targeted.

hostname

string

localhost

Hostname or IP address of the HTTP Event Collector.

port

int

8088

TCP port to which the exporter is going to send data.

path

string

/services/collector/event

The HTTP API path to which the exporter is going to send data.

max_request_size

int

2097152

The maximum size (in bytes) of a request sent to the destination. A value of 0 will send unbounded requests. The maximum allowed value is 838860800 (~800MB).

max_event_size

int

2097152

The maximum size (in bytes) of an individual event. Events larger than this will be dropped. The maximum allowed value is 838860800 (~800MB).

enable_compression

bool

true

Compress telemetry data using gzip before sending.

enable_tls

bool

false

Whether or not to use TLS.

insecure_skip_verify

bool

false

Enable to skip TLS certificate verification.

ca_file

string

Certificate authority that is used to validate TLS certificates.

hashtag
Configuration

Example: Splunk Destination configuration

Bindplane docs - Splunk HEC - image 3

hashtag
Supported Retry and Queuing Settings

This destination supports the retry settings, the sending queue settings, and the persistent queue settings.

Sending Queue
Persistent Queue
Retry on Failure

PreviousSnowflakeNextSplunk Observability Cloud

Last updated

Was this helpful?