In order to get GitGuardian notifications on Splunk, you'll need a Splunk instance on which you have to generate a HTTP Event collector token (follow the instructions below).
Once you have your webhook URL and your token, enter it on the Integrations page.
- Open the web interface of your Splunk instance, head to the “Settings” tab, then “Data inputs”.
- Click on the link to add a new HTTP Event Collector, then on the button to add a new token.
- Give a name (and optionally a description) to your Event Collector, then click the “Next” button.
- Select an existing index or create a new index, then click the “Review” button.
- Check that everything is correct, then click the “Submit” button.
- Congratulations, your token is created! Now go back to the “Settings / Data inputs” page.
- The tokens are disabled by default. You have to enable it by clicking the “Global Settings” button.
- If your instance URL is https://prd-p-xxxxxxxxxxxx.cloud.splunk.com/, then your webhook URL is https://input-prd-p-xxxxxxxxxxxx.cloud.splunk.com:8088/services/collector/event .
- Pick your webhook URL and your token and input them into the Splunk integration section of your dashboard.