Splunk Integration Guide
Splunk collects and indexes data from just about any source imaginable – network traffic, Web servers, custom applications, application servers, hypervisors, GPS systems, stock market feeds, social media, and preexisting structured databases. Integrate AlertOps’ alert management platform with Splunk to receive and respond to critical alerts through email, SMS, push notification, and phone alerts. AlertOps ensures that alerts received from Splunk always reach the correct, available team member by utilizing escalation policies and on-call schedules.
- From the main menu, click on Integrations and then select Inbound Integrations from the submenu.
- Select the API tab.
- Select the 'ADD API INTEGRATION' button.
- You should now be on the API Integration Detail page. Select Splunk from the pre-built Integration Templates.
- Enter a name for the integration, select an escalation rule to determine the integration's escalation policy, and enter the names of the recipient group(s) and recipient user(s). Click 'SAVE.' Then click 'COPY URL' to copy the URL endpoint to be used in the Splunk configuration.
Step 1: Create a webhook in Splunk
Click here to view Splunk Webhook Documentation.
Alert Triggering Information
AlertOps will automatically create an incident when a new alert is received from Splunk.
Testing and Troubleshooting
Click here to read about Web API Testing and Troubleshooting.