splunk source Splunk Source

Provided by: "Apache Software Foundation"

Support Level for this Kamelet is: "Stable"

Retrieve data from Splunk and outputs in json format.

For the fields accepting time specifiers like earliestTime, it accepts a wide variety of formats, please check Splunk documentation for more information.

Configuration Options

The following table summarizes the configuration options available for the splunk-source Kamelet:

Property Name Description Type Default Example

initEarliestTime

Init Earliest Time

Required Initial start offset of the first search.

string

05/17/22 08:35:46:456

password

Password

Required The password to authenticate to Splunk Server.

string

query

Query

Required The Splunk query to run.

string

serverHostname

Splunk Server Address

Required The address of your Splunk server.

string

my_server_splunk.com

username

Username

Required The username to authenticate to Splunk Server.

string

app

Splunk App

The app name in Splunk.

string

connectionTimeout

Connection Timeout

Timeout in milliseconds when connecting to Splunk server.

integer

count

Count

The maximum number of entities to return.

integer

delay

Delay

The number of milliseconds before the next poll.

integer

earliestTime

Earliest Time

Earliest time of the search time window.

string

05/17/22 08:35:46:456

index

Index

Splunk index to write to.

string

latestTime

Latest Time

Latest time of the search time window.

string

05/17/22 08:35:46:456

protocol

Protocol

Connection Protocol to Splunk server.

Enum values:

* http * https

string

https

repeat

Repeat

The maximum number of fires.

integer

serverPort

Splunk Server Port

The address of your Splunk server.

integer

8089

source

Source

The source named field of the data.

string

sourceType

Source Type

The source named field of the data.

string

Dependencies

At runtime, the splunk-source Kamelet relies upon the presence of the following dependencies:

  • camel:jackson

  • camel:core

  • camel:splunk

  • camel:kamelet

  • mvn:com.fasterxml.jackson.datatype:jackson-datatype-joda:2.12.5

Camel JBang usage

Prerequisites

  • You’ve installed JBang.

  • You have executed the following command:

jbang app install camel@apache/camel

Supposing you have a file named route.yaml with this content:

- route:
    from:
      uri: "kamelet:timer-source"
      parameters:
        period: 10000
        message: 'test'
      steps:
        - to:
            uri: "kamelet:log-sink"

You can now run it directly through the following command

camel run route.yaml

Camel K Environment Usage

This section describes how you can use the splunk-source.

Knative source

You can use the splunk-source Kamelet as a Knative source by binding it to a Knative object.

splunk-source-pipe.yaml
apiVersion: camel.apache.org/v1
kind: Pipe
metadata:
  name: splunk-source-pipe
spec:
  source:
    ref:
      kind: Kamelet
      apiVersion: camel.apache.org/v1
      name: splunk-source
    properties:
      initEarliestTime: 05/17/22 08:35:46:456
      password: The Password
      query: The Query
      serverHostname: my_server_splunk.com
      username: The Username
  sink:
    ref:
      kind: Channel
      apiVersion: messaging.knative.dev/v1
      name: mychannel

Prerequisite

You have Camel K installed on the cluster.

Procedure for using the cluster CLI

  1. Save the splunk-source-pipe.yaml file to your local drive, and then edit it as needed for your configuration.

  2. Run the source by using the following command:

    kubectl apply -f splunk-source-pipe.yaml

Procedure for using the Kamel CLI

Configure and run the source by using the following command:

kamel bind channel:mychannel -p "source.initEarliestTime=05/17/22 08:35:46:456" -p "source.password=The Password" -p "source.query=The Query" -p "source.serverHostname=my_server_splunk.com" -p "source.username=The Username" splunk-source

This command creates the Kamelet Pipe in the current namespace on the cluster.

Kafka source

You can use the splunk-source Kamelet as a Kafka source by binding it to a Kafka topic.

splunk-source-pipe.yaml
apiVersion: camel.apache.org/v1
kind: Pipe
metadata:
  name: splunk-source-pipe
spec:
  source:
    ref:
      kind: Kamelet
      apiVersion: camel.apache.org/v1
      name: splunk-source
    properties:
      initEarliestTime: 05/17/22 08:35:46:456
      password: The Password
      query: The Query
      serverHostname: my_server_splunk.com
      username: The Username
  sink:
    ref:
      kind: KafkaTopic
      apiVersion: kafka.strimzi.io/v1beta1
      name: my-topic

Prerequisites

  • You’ve installed Strimzi.

  • You’ve created a topic named my-topic in the current namespace.

  • You have Camel K installed on the cluster.

Procedure for using the cluster CLI

  1. Save the splunk-source-pipe.yaml file to your local drive, and then edit it as needed for your configuration.

  2. Run the source by using the following command:

    kubectl apply -f splunk-source-pipe.yaml

Procedure for using the Kamel CLI

Configure and run the source by using the following command:

kamel bind kafka.strimzi.io/v1beta1:KafkaTopic:my-topic -p "source.initEarliestTime=05/17/22 08:35:46:456" -p "source.password=The Password" -p "source.query=The Query" -p "source.serverHostname=my_server_splunk.com" -p "source.username=The Username" splunk-source

This command creates the Kamelet Pipe in the current namespace on the cluster.

Kamelet source file

https://github.com/apache/camel-kamelets/blob/main/kamelets/splunk-source.kamelet.yaml

Back to top