Fylamynt Product Docs

Splunk

Use the Splunk integration to search and retrieve data needed for incident enrichment.


Last updated 3 years ago


Overview

Integrate Splunk Cloud into your workflows. The integration lets you retrieve data from Splunk automatically and use it in your automation workflows.

Use Cases

The integration between Fylamynt and Splunk lets you:

  • Retrieve data from Splunk based on a query written in SPL.

  • Connect the data to other workflow steps involving third-party integrations.

Configure Splunk in Fylamynt

  • Navigate to Settings > Integrations > Splunk

  • Configure a new integration instance

Details needed to set up a Splunk instance in Fylamynt:

| Parameter | Description | Required |
| --- | --- | --- |
| Access Token | Token used to access the Splunk instance | True |
| Splunk URL | URL of the Splunk instance | True |

Follow the steps below to integrate your Splunk instance with Fylamynt:

  1. Enter the URL of your Splunk Cloud instance in the Splunk URL field in Fylamynt. This should be in the format <yoursubdomain>.splunkcloud.com. Please do not add https:// or http:// at the beginning.

  2. Generate an access token by following the instructions at https://docs.splunk.com/Documentation/SplunkCloud/8.1.2012/Security/CreateAuthTokens. Enter the access token in the Access Token field.

  3. Click the Authorize button to complete the integration.

Integration Actions

You can add these actions in the Fylamynt workflow builder, as part of your workflow.

Splunk Search

Input

| Parameter | Description | Required |
| --- | --- | --- |
| alias | The target account for the run | True |
| query | Splunk query string to be executed during the run | True |
| s3_bucket | Name of the S3 bucket where the entire query result can be written | False |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| result | String | String representation of a JSON payload consisting of the query result. |
| is_result_truncated | Boolean | Indicates whether the result is truncated or not. The “result” can have size up to 100kb. The entire result can be written to an S3 bucket provided by the input parameter “s3_bucket”. |
| s3_bucket | String | Name of the S3 bucket where the result was written. |
| result_bucket_key | String | The S3 bucket key where the result was written. |
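
A downstream step that consumes the Splunk Search output should check is_result_truncated before it parses result, otherwise incident enrichment can silently run on partial data. The following is an added example, not Fylamynt code: load_search_result, fetch_object and the sample values are hypothetical, and it assumes the S3 object holds the entire result as JSON.

```python
import json
from typing import Any, Callable, Optional

# fetch_object(bucket, key) -> bytes is supplied by the caller, e.g. a thin
# wrapper around boto3's s3.get_object(Bucket=..., Key=...)["Body"].read().
Fetcher = Callable[[str, str], bytes]


class TruncatedResultError(Exception):
    """Only a truncated result is available; do not act on it."""


def load_search_result(output: dict, fetch_object: Optional[Fetcher] = None) -> Any:
    """Return the complete, parsed query result of a Splunk Search action."""
    truncated = output.get("is_result_truncated")
    if not isinstance(truncated, bool):
        raise ValueError("is_result_truncated missing or not a boolean")
    if not truncated:
        return json.loads(output["result"])  # "result" is a JSON string
    # Truncated: "result" may be cut mid-document, so never parse or act on it.
    bucket, key = output.get("s3_bucket"), output.get("result_bucket_key")
    if not (bucket and key and fetch_object):
        raise TruncatedResultError("result truncated and no S3 copy to read")
    # Assumption: the S3 object holds the entire result as JSON.
    return json.loads(fetch_object(bucket, key))


# Constructed sample outputs (field names from the Output table; values invented).
SMALL = {"result": '[{"host": "web-1", "count": "3"}]', "is_result_truncated": False}
LARGE = {
    "result": '[{"host": "web-1", "count": "3"}, {"host": "we',  # cut off
    "is_result_truncated": True,
    "s3_bucket": "example-enrichment-bucket",
    "result_bucket_key": "splunk/run-0001.json",
}
FAKE_S3 = {
    ("example-enrichment-bucket", "splunk/run-0001.json"):
        b'[{"host": "web-1", "count": "3"}, {"host": "web-2", "count": "9"}]',
}


def fake_fetch(bucket: str, key: str) -> bytes:
    """Stand-in for an S3 read so the example runs offline."""
    return FAKE_S3[(bucket, key)]


if __name__ == "__main__":
    print(load_search_result(SMALL))
    print(load_search_result(LARGE, fake_fetch))
```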

Action Example

  • Drag and drop the Splunk Search Action node onto the Workflow Editor Canvas

  • Select the Action node

  • Enter the Query

  • Optionally, select the AWS Target Account Alias and S3 bucket name for query output destination

https://docs.splunk.com/Documentation/SplunkCloud/8.1.2012/Security/CreateAuthTokens.