# Splunk

## Overview <a href="#overview" id="overview"></a>

Integrate Splunk Cloud in your workflows. This integration will help you find a way to automatically retrieve data and enable Splunk in your automation workflows.

## Use Cases <a href="#use-cases" id="use-cases"></a>

The integration between Fylamynt and Splunk lets you:

* Ability to retrieve data from Splunk based on a query described in SPL.
* Connect the data to other workflow steps involving third-party integrations.

## Configure Splunk in Fylamynt

* Navigate to **Settings** > **Integrations** > **Splunk**
* Configure a new integration instance

Details needed to set up **Splunk instance** in **Fylamynt**:

<table data-header-hidden><thead><tr><th>Parameter</th><th width="376.3333333333333">Description</th><th>Required</th></tr></thead><tbody><tr><td><strong>Parameter</strong></td><td><strong>Description</strong></td><td><strong>Required</strong></td></tr><tr><td>Access Token</td><td>Token used to access the Splunk instance</td><td>True</td></tr><tr><td>Splunk URL</td><td>URL of the Splunk instance</td><td>True</td></tr></tbody></table>

Follow the steps below to integrate your **Splunk** instance with **Fylamynt**:

1. Enter the URL to your Splunk Cloud instance in **Splunk URL** field in Fylamynt. This should be in the format ***\<yoursubdomain>.splunkcloud.com***. Please do not add ***https\://*** or ***http\://*** at the beginning.
2. Generate an access token by following the instruction in [https://docs.splunk.com/Documentation/SplunkCloud/8.1.2012/Security/CreateAuthTokens.](https://docs.splunk.com/Documentation/SplunkCloud/8.1.2012/Security/CreateAuthTokens) Enter the access token in **Access Token** field.
3. Click **Authorize** button to complete integration.

## Integration Actions

You can add these actions in the Fylamynt workflow builder, as part of your workflow.

1. [Splunk Search](#splunk-search)

### **Splunk Search**

**Input**

| **Parameter** | **Description**                                                    | **Required** |
| ------------- | ------------------------------------------------------------------ | ------------ |
| alias         | The target account for the run                                     | True         |
| query         | Splunk query string to be executed during the run                  | True         |
| s3\_bucket    | Name of the S3 bucket where the entire query result can be written | False        |

**Output**

| **Parameter**         | **Type** | **Description**                                                                                                                                                                         |
| --------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| result                | String   | String representation of a JSON payload consisting of the query result.                                                                                                                 |
| is\_result\_truncated | Boolean  | indicates whether the result is truncated or not. The “result” can have size up to 100kb. The entire result can be written to a S3 bucket provided by the input parameter “s3\_bucket”. |
| s3\_bucket            | String   | Name of the S3 bucket where the result was written.                                                                                                                                     |
| result\_bucket\_key   | String   | The S3 bucket key where the result was written.                                                                                                                                         |

**Action Example**

* Drag and drop the Splunk Search Action node onto the Workflow Editor Canvas
* Select the Action node
* Enter the Query
* Optionally, select the AWS Target Account Alias and S3 bucket name for query output destination

![](https://2168485084-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MXYvxfYq9m2JdKqaCdk%2Fuploads%2FaYZmLCLJ3NYYechPiAOt%2Fimage.png?alt=media\&token=f51c2be4-4102-4bbd-83cc-76e4896b5cdc)