![]() From there you can manage it according to your specifications. The data extracted from the Heimdal Security database will be displayed as in the screenshot below. Input the added API source (example: source="rest://API Test" where API Test is the REST API Input Name from above, more exactly the name of the job you created), then press on the Search button. To view the ingested results, access the Search & Reporting section or go to the Search tab. To check all the created jobs and to manage them, go to Settings -> Data -> Data inputs and click on REST.ĭisplaying the data ingested from the HEIMDAL Security API After you have completed all the fields you have to click on Next at the top of the page. The other ones are optional and the Splunk help section can provide more details.ģ. These fields are required to configure Splunk to retrieve the data from Heimdal Security API requests. * - Make sure that the arguments are followed by the sign “ ,” (comma), as shown in the Splunk examples, and not with the sign “ &” (ampersand) as the examples from the Heimdal Dashboard because this will lead to the error message " User is not authorized to fulfill the operation." when executing the job. You can also add additional parameters, which are found under each API Statistics when you click on Show -> Optional Parameter Helper All API access is over HTTPS, and all data is transmitted securely in JSON format. ![]() The required parameters are customerId, startDate and endDate (ex: customerId=197818,startDate=T12:54,endDate=T12:56). The Splunk Intelligence Management REST API enables you to easily synchronize report information available in Splunk Intelligence Management with the monitoring tools and analysis workflows you use in your infrastructure. URL Arguments: insert the parameters for the API Requests.OAUTH 2 Access Token: add your Personal API KEY from the Heimdal Dashboard -> Guide -> HS API KEY -> New API/Old API.OAUTH 2 Token Type (OPTIONAL): Type "Bearer" in case the authentication does not work.Endpoint URL: Insert the path to the API request (ex: thirdparty ).Activation Key: Follow the link under the text field to obtain an activation key ( ).REST API Input Name: The name you want for the job.Go to Settings -> Data –> Data inputs -> REST and press Add new. ![]() Search for REST API Modular Input (found also on this page ) and hit Install.Īdding the HEIMDAL API into Splunk Enterpriseġ. This will open a new window with all the apps and extensions available for installation. From the Splunk Enterprise portal, click on Explore Splunk Enterprise and go to Splunk Apps.Ģ. Displaying the data ingested from the HEIMDAL Security API Adding REST API Modular Input into SPLUNK Enterpriseġ. Adding the HEIMDAL API into Splunk Enterpriseģ. Adding the REST API Modular Input App into SPLUNK EnterpriseĢ. ![]() In this article, you will learn how to ingest data from the HEIMDAL API into Splunk Enterprise ( ).ġ. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |