Splunk

Use the Splunk integration to search and retrieve data needed for incident enrichment.

Overview
Integrate Splunk Cloud in your workflows. This integration will help you find a way to automatically retrieve data and enable Splunk in your automation workflows.
Use Cases
The integration between Fylamynt and Splunk lets you:
Ability to retrieve data from Splunk based on a query described in SPL.
Connect the data to other workflow steps involving third-party integrations.
Configure Splunk in Fylamynt
Navigate to Settings > Integrations > Splunk
Configure a new integration instance
Details needed to set up Splunk instance in Fylamynt:
Parameter
Description
Required
Access Token
Token used to access the Splunk instance
True
Splunk URL
URL of the Splunk instance
True
Follow the steps below to integrate your Splunk instance with Fylamynt:
1.Enter the URL to your Splunk Cloud instance in Splunk URL field in Fylamynt. This should be in the format <yoursubdomain>.splunkcloud.com. Please do not add https:// or http:// at the beginning.
2.Generate an access token by following the instruction in https://docs.splunk.com/Documentation/SplunkCloud/8.1.2012/Security/CreateAuthTokens. Enter the access token in Access Token field.
3.Click Authorize button to complete integration.
Integration Actions
You can add these actions in the Fylamynt workflow builder, as part of your workflow.
1.​Splunk Search​
Splunk Search
Input
Parameter
Description
Required
alias
The target account for the run
True
query
Splunk query string to be executed during the run
True
s3_bucket
Name of the S3 bucket where the entire query result can be written
False
Output
Parameter
Type
Description
result
String
String representation of a JSON payload consisting of the query result.
is_result_truncated
Boolean
indicates whether the result is truncated or not. The “result” can have size up to 100kb. The entire result can be written to a S3 bucket provided by the input parameter “s3_bucket”.
s3_bucket
String
Name of the S3 bucket where the result was written.
result_bucket_key
String
The S3 bucket key where the result was written.
Action Example
Drag and drop the Splunk Search Action node onto the Workflow Editor Canvas
Select the Action node
Enter the Query
Optionally, select the AWS Target Account Alias and S3 bucket name for query output destination
​

Integrations - Previous

Slack

Next - Integrations

Splunk On-Call (VictorOps)

Last modified 1yr ago

Parameter	Description	Required
Access Token	Token used to access the Splunk instance	True
Splunk URL	URL of the Splunk instance	True

Parameter	Type	Description
result	String	String representation of a JSON payload consisting of the query result.
is_result_truncated	Boolean	indicates whether the result is truncated or not. The “result” can have size up to 100kb. The entire result can be written to a S3 bucket provided by the input parameter “s3_bucket”.
s3_bucket	String	Name of the S3 bucket where the result was written.
result_bucket_key	String	The S3 bucket key where the result was written.