Splunk Event Logging Processor
The Splunk Event Logging Processor is used to log custom messages to a Splunk instance via HTTP. It will not alter the current Transaction Data or Attributes, and instead logs the message provided in the configuration.
Configuration
Configuring the Splunk Search Listener is done primarily in two tabs, Basic and Connection. The options available in the Advanced and Conditional Execution tabs are for additional configuration, but are not required for processing.
Basic Tab – The Basic tab contains the following configuration options:
- Event String: The message to log into Splunk. This can be provided via OGNL, Environment Property, or simple configuration string.
- Index Name: The name of the Splunk Index to apply this message to. It will be dependent on your particular Splunk instance, but ‘main’ is the standard index for a default installation.
- Event Host: The name of the event host this message is coming from. Can be left blank or provided a custom value.
- Event Source: The name of the event source for this message. Similar to the event host, can be left blank if desired.
Connection Tab – The Connection tab contains the following configuration options:
- Username: The username of the Splunk user to connect as.
- Password: The Splunk user’s password.
- Hostname: The hostname of the Splunk instance to connect to.
- Connection Port: The Splunk instance connection port. The default value is 8089.