Splunk
Splunk is one of the most popular data platforms for searching, analyzing, visualizing and acting on your data.
env0 has the ability to send all of your deployment logs directly to your Splunk account.
Setup
Here are the steps to configure it:
- The integration with Splunk uses the HTTP Event Collector, so you will need to set up it in your Splunk instance:
- For Splunk Enterprise follow this guide
- For Splunk Cloud follow this guide
- While creating a new HTTP Event Collector you will also create a token. Make sure the token has access to the index you would like to use. You will need this token to configure the integration inside the env0 platform.
- By default, env0 uses an index called
env0-deployment-logs-index. This is a configuration you can override. Either create theenv0-deployment-logs-indexindex, or use an existing index. To create a new index follow this guide - By default env0 will use
source: env0-deployment-logs-sourceandsourcetype: env0-sourcetype- this can not be overridden. - In the env0 platform you will need to configure the following environment variables in any scope you would like to have them:
| Environment variable name | Comment | Mandatory |
|---|---|---|
ENV0_SPLUNK_URL | The URL of your splunk instance in the following format: ://<instance url/ip>: - for example https://example.splunkcloud.com:8088 | Yes |
ENV0_SPLUNK_TOKEN | The HTTP Event Collector token value - this is usually a GUID format token - for example a90c7a14-8aac-4523-bbbb-dea20352aa4d | Yes |
ENV0_SPLUNK_INDEX | The index you would like env0 to push the data to. | No - Default: env0-deployment-logs-index |
Updated 12 months ago