Skip to main content

Splunk

In order to get GitGuardian notifications on Splunk, you'll need a Splunk instance on which you have to generate a HTTP Event collector token (follow the instructions below).

Once you have your webhook URL and your token, enter it on the Integrations page.

How to integrate#

  1. Open the web interface of your Splunk instance, head to the “Settings” tab, then “Data inputs”.

splunk1

splunk2

  1. Click on the link to add a new HTTP Event Collector, then on the button to add a new token.

splunk3

splunk4

  1. Give a name (and optionally a description) to your Event Collector, then click the “Next” button.

splunk5

  1. Select an existing index or create a new index, then click the “Review” button.

splunk6

splunk6.1

  1. Check that everything is correct, then click the “Submit” button.

splunk7

  1. Congratulations, your token is created! Now go back to the “Settings / Data inputs” page.

splunk8

splunk2

  1. The tokens are disabled by default. You have to enable it by clicking the “Global Settings” button.

splunk9

splunk10

  1. If your instance URL is https://prd-p-xxxxxxxxxxxx.cloud.splunk.com/, then your webhook URL is https://input-prd-p-xxxxxxxxxxxx.cloud.splunk.com:8088/services/collector/event .

splunk11

  1. Pick your webhook URL and your token and input them into the Splunk integration section of your dashboard.