Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Flowmon ADS and Splunk integration

 

Information

 

Summary:

Additional details about Flowmon ADS and Splunk integration. These details are extending existing guide:

https://support.kemptechnologies.com/hc/en-us/articles/15412197185677-Flowmon-and-Splunk-HEC-integration

Environment:

Product: Flowmon ADS

Version: Any

Platform: Any

Question/Problem Description:

 

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause:  
Resolution:

Three variables have to be changed in the integration script:

IP='prd-p-2730i.splunkcloud.com:8088' 
API_KEY='8e4266c8-7a27-4e94-8fa8-70f89f1e7be8'
CHANNEL='c606ba89-6380-4e85-a0d3-33da6f0d9a48'


IP - change to your Splunk instance IP and port

API_KEY - refers to the Splunk token. The token is displayed after creating an Event Collector in Splunk - https://docs.splunk.com/Documentation/Splunk/9.0.4/Data/UsetheHTTPEventCollector
Create an Event Collector token on the Splunk Cloud Platform:
(Optional) Copy the token value that Splunk Web displays and paste it into another document for reference later.

CHANNEL - generate random UUID, e.g., at https://www.uuidgenerator.net/version4


The script has to be uploaded in ADS - Settings - System settings - Custom scripts - New custom script.
Then it can be used in:
ADS - Processing - Custom scripts - New custom script action.
The script action defines the perspective and priority of the events that should be sent to Splunk.

Workaround:  
Notes:  

Was this article helpful?
0 out of 0 found this helpful

Comments