Splunk
by Splunk Inc.
Connect agents to Splunk to run searches, query alerts, and send events for log analysis and SIEM workflows.
How agents use Splunk
- ✓ Query logs for anomalies and security events to trigger automated responses
- ✓ Send structured agent execution logs to Splunk via HEC for audit trails
- ✓ Run saved security searches to detect threats and route to incident workflows
- ✓ Build compliance reports from log data across systems
- ✓ Monitor error rates and performance metrics from application logs
Agent actions
Input: search, earliestTime, latestTime, maxCount, app
Returns: results, resultCount, jobId, doneProgress
Input: hecToken, event, sourcetype, index, time
Returns: success, ackId
Input: app, count
Returns: savedSearches, count
Input: name, app
Returns: results, resultCount, jobId
Example workflows
Security incident detection
Agent queries Splunk for failed login patterns and creates PagerDuty incidents when thresholds are exceeded
Agent audit logging
Agent sends structured audit events to Splunk via HEC for compliance and traceability
About Splunk
- Vendor
- Splunk Inc.
- Pricing (always check details with the provider)
- Paid — Splunk Enterprise: license by data volume ingested per day. Splunk Cloud from $65/GB/day. Free Trial available.
- Authentication
- Bearer token
- Rate limit (always check details with the provider)
- 120 requests / minute
- Compatible nodes
- Agent, Resource, Input, Output
- Website
- https://www.splunk.com
Build an AI workflow with Splunk
Use Agentic Planner to design, visualize, and connect Splunk with your other tools.
Related monitoring tools
Sentry
Connect agents to Sentry to query errors, resolve issues, and monitor application health.
Datadog
Connect agents to Datadog to query metrics, send events, search logs, and manage monitors.
PagerDuty
Connect agents to PagerDuty to create incidents, manage alerts, and coordinate on-call response.