Splunk
by Splunk Inc.
Connect agents to Splunk to run searches, query alerts, and send events for log analysis and SIEM workflows.
How agents use Splunk
- ✓ Query logs for anomalies and security events to trigger automated responses
- ✓ Send structured agent execution logs to Splunk via HEC for audit trails
- ✓ Run saved security searches to detect threats and route to incident workflows
- ✓ Build compliance reports from log data across systems
- ✓ Monitor error rates and performance metrics from application logs
Agent actions
Inputs: search, earliestTime, latestTime, maxCount, app
Returns: results, resultCount, jobId, doneProgress
Inputs: hecToken, event, sourcetype, index, time
Returns: success, ackId
Inputs: app, count
Returns: savedSearches, count
Inputs: name, app
Returns: results, resultCount, jobId
Example workflows
Security incident detection
Agent queries Splunk for failed login patterns and creates PagerDuty incidents when thresholds are exceeded
Agent audit logging
Agent sends structured audit events to Splunk via HEC for compliance and traceability
About Splunk
- Vendor: Splunk Inc.
- Pricing (always review details with the vendor): Paid — Splunk Enterprise: license by data volume ingested per day. Splunk Cloud from $65/GB/day. Free Trial available.
- Authentication: Bearer token
- Rate limit (always review details with the vendor): 120 requests / minute
- Compatible nodes: Agent, Resource, Input, Output
- Website: https://www.splunk.com
Build an AI workflow with Splunk
Use the Agentic Planner to design, visualize, and connect Splunk with your other tools.
Related Monitoring tools
Sentry
Connect agents to Sentry to query errors, resolve issues, and monitor application health.
Datadog
Connect agents to Datadog to query metrics, send events, search logs, and manage monitors.
PagerDuty
Connect agents to PagerDuty to create incidents, manage alerts, and coordinate on-call response.