Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading JMS Messaging Modular Input
MD5 checksum (jms-messaging-modular-input_151.tgz) 06297cecb17ab54c4c114556ebb87beb MD5 checksum (jms-messaging-modular-input_15.tgz) fe018d15dc4ff1a731c503cf9ebe2658 MD5 checksum (jms-messaging-modular-input_14.tgz) 1e18128747c3be3d7ac59d93db811cab MD5 checksum (jms-messaging-modular-input_138.tgz) 08520c749db4fd4c276a5e2339f3ecba MD5 checksum (jms-messaging-modular-input_137.tgz) ed1275e8945b44087ae802b162dde5d4 MD5 checksum (jms-messaging-modular-input_136.tgz) 7647f1e23c7c5523d60753a71d8ab7ff MD5 checksum (jms-messaging-modular-input_135.tgz) 8d111843c9b1af001fd5124f4139e7d7 MD5 checksum (jms-messaging-modular-input_134.tgz) 84c071833ecf7606407b309658994b4f MD5 checksum (jms-messaging-modular-input_133.tgz) d69505e320a75375ef5efe7f18185304 MD5 checksum (jms-messaging-modular-input_132.tgz) 9fbf19519c42826e773c121669562a94 MD5 checksum (jms-messaging-modular-input_131.tgz) 120f8a1bd4c29868811e44d40a8deb67 MD5 checksum (jms-messaging-modular-input_13.tgz) 55209c95eaa9591122c197350a63ec9c MD5 checksum (jms-messaging-modular-input_122.tgz) a449ebeacbfeb036fcf17d2271f3caec MD5 checksum (jms-messaging-modular-input_121.tgz) d962d5fb1e5980dae2a1a0d8d5eb0822 MD5 checksum (jms-messaging-modular-input_12.tgz) debe6b5fb184e9f6e9666e2b503351ca MD5 checksum (jms-messaging-modular-input_115.tgz) a05e7216881e717388d35429143f7641 MD5 checksum (jms-messaging-modular-input_114.tgz) 48413cf983975c37fce55ef4965769f3 MD5 checksum (jms-messaging-modular-input_113.tgz) fe2f7b17dfdc3d258a5a4243c338ebda MD5 checksum (jms-messaging-modular-input_112.tgz) 69c995989cb334755f59015dc8186910 MD5 checksum (jms-messaging-modular-input_111.tgz) 81b6ff3e5371ca6c5471a98d4809e0da MD5 checksum (jms-messaging-modular-input_11.tgz) 883e5c0ee82e783d51f09b87db6b1aa3 MD5 checksum (jms-messaging-modular-input_103.tgz) dfcba1c3793feefb945369eb2dce9da5 MD5 checksum (jms-messaging-modular-input_102.tgz) f52328385e30da6d24a82ec8fd1d0c08 MD5 checksum (jms-messaging-modular-input_101.tgz) 054bd815a80ca997a47d4beb1c190138 MD5 checksum (jms-messaging-modular-input_10.tgz) e6257c866dc43af91f6b17ba8b312ddf
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

JMS Messaging Modular Input

This is a Splunk modular input add-on for polling message queues and topics via the JMS interface.
JMS is simply a messaging API and is a convenient means by which to write 1 modular input that can talk to several different underlying messaging providers : MQSeries(Websphere MQ), ActiveMQ, TibcoEMS, HornetQ, RabbitMQ,Native JMS, Weblogic JMS, Sonic MQ etc..

Splunk JMS Modular Input v1.5.1
by Damien T. Dallimore
November 2015


This is a Splunk modular input add-on for polling message queues and topics via the JMS interface.

Why JMS ?

JMS is simply a messaging API and is a convenient means by which to write 1 modular input that can talk to several different underlying messaging providers.

  • MQ Series / Websphere MQ
  • Tibco EMS
  • ActiveMQ
  • HornetQ
  • RabbitMQ
  • SonicMQ
  • JBoss Messaging
  • Weblogic JMS
  • Native JMS
  • StormMQ
  • MSMQ (using activemq bridging)
  • Etc...

The modular input code is generic because it is programmed to the JMS interface.
You can then supply messaging provider specific jar files at runtime.
More details on JMS at Wikipedia,


  • Splunk 5.0+
  • Java Runtime 1.7+
  • Supported on Windows, Linux, MacOS, Solaris, FreeBSD, HP-UX, AIX


  • Optionally set your JAVA_HOME environment variable to the root directory of your JRE installation.If you don't set this , the input will look for a default installed java executable on the path.
  • Untar the release to your $SPLUNK_HOME/etc/apps directory
  • Restart Splunk


As this is a modular input , you can then configure your JMS inputs via Manager->DataInputs

JNDI vs Local mode

For the most part you will setup your JMS connectivity using JNDI to obtain the remote JMS objects.
However, you can bypass JNDI if you wish and use local instantiation.
To do this you must code an implementation of the com.splunk.modinput.jms.LocalJMSResourceFactory interface.
You can then bundle the classes in a jar file and place them in $SPLUNK_HOME/etc/apps/jms_ta/bin/lib
The configuration screen in Splunk Manager for creating a new JMS input allows you to choose local or jndi as the instantiation mode.
So choose local , and then you can specify the name of implementation class, as well as any declarative parameters you want to pass in.


Any log entries/errors will get written to $SPLUNK_HOME/var/log/splunk/splunkd.log

Third party jars

If you require specific JMS provider or JNDI Context implementation jars, then you can simply copy these to $SPLUNK_HOME/etc/apps/jms_ta/bin/lib

They will be automatically picked up upon restart

JVM Heap Size

The default heap maximum is 64MB.
If you require a larger heap, then you can alter this in $SPLUNK_HOME/etc/apps/jms_ta/bin/ on line 95

JVM System Properties

You can declare custom JVM System Properties when setting up new input stanzas.
Note : these JVM System Properties will apply to the entire JVM context and all stanzas you have setup


  • Have you read and following everything written above ?
  • JAVA_HOME environment variable is set or "java" is on the PATH for the user's environment you are running Splunk as
  • You are using Splunk 5+
  • You are using a 1.7+ Java Runtime
  • You are running on a supported operating system
  • Any 3rd party jar dependencies are present in $SPLUNK_HOME/etc/apps/jms_ta/bin/lib
  • Look for any errors in $SPLUNK_HOME/var/log/splunk/splunkd.log
  • Run this command as the same user that you are running Splunk as and observe console output : "$SPLUNK_HOME/bin/splunk cmd python ../etc/apps/jms_ta/bin/ --scheme"
  • Your configuration parameters are correct for your JMS connection (check for typos, correct credentials, correct JNDI names etc...)
  • Any firewalls blocking connections ?

Release Notes

Version 1.5.1
Sept. 2, 2016

Added a new message handler that just dumps the message body :

Version 1.5
Nov. 24, 2015

Minor HEC data handling tweaks

Version 1.4
Sept. 22, 2015

Added support to optional output to Splunk via a HEC (HTTP Event Collector) endpoint

Version 1.3.8
Feb. 11, 2015

Enabled TLS1.2 support by default.
Made the core Modular Input Framework compatible with latest Splunk Java SDK
Please use a Java Runtime version 7+
If you need to use SSLv3 , you can turn this on in bin/

Version 1.3.7
Sept. 17, 2014

Changed the point in the code where client ID is set for durable topic subscriptions

Version 1.3.6
Feb. 21, 2014

Added a LocalConnectionFactory for ActiveMQ

Version 1.3.5
Jan. 25, 2014

Added the ability to declare custom JVM System Properties in your stanzas

Version 1.3.4
Jan. 24, 2014

Minor cosmetic fix

Version 1.3.3
Jan. 24, 2014

Added system property to LocalMQConnectionFactory

Version 1.3.2
Jan. 23, 2014

Added a custom local JMS resource factory for Websphere MQ users that allows you to create a MQConnectionFactory class instance directly vs looking it up via JNDI.

The implementation class name you can declare in you stanza is : com.splunk.modinput.jms.custom.factory.LocalMQConnectionFactory

It depends on the MQ JMS jar files being in SPLUNK_HOME/etc/apps/jms_ta/bin/lib

Parameter values supported are (showing example values) :


You declare these in the stanza also in a key=value string , comma delimited :


Version 1.3.1
Nov. 9, 2013

Changed suffix to .spl
Removed field validation constraints when selecting local mode

Version 1.3
July 9, 2013

Updated configuration screen , hopefully it is simpler and more intuitive

Version 1.2.2
June 4, 2013

More verbose error logging ++ Removed usage of hostname for REST callbacks and replaced with localhost to alleviate issues where admins haven't setup local DNS correctly

Version 1.2.1
March 28, 2013

Added support for very large message payloads, basically a refactoring of the XML streaming output so that SplunkD can correctly process large message payloads

Version 1.2
Feb. 27, 2013

Refactored the core engine so that now you can declare a pluggable JMS Message handler.For the most part you'll probably just rely on the default message handler that is part of the mod input. But given that a message producer can basically put anything in the message payload, there may be scenarios where you need some custom handling for the raw message payload ,so this new features provides this flexibility.

Version 1.1.5
Feb. 21, 2013

Patched a hole whereby the "disabled" property is not passed to the Mod Input by SplunkD when it is first created

Version 1.1.4
Feb. 21, 2013

Added more detailed error logging (written to $SPLUNK_HOME/var/log/splunk/splunkd.log) for troubleshooting

Version 1.1.3
Feb. 20, 2013

Fixed a possible(in theory) race condition scenario at startup ++ Added support for Queue Browsing , user can choose browsing mode(dump all messages or output summary stats about the queue) and the browsing frequency.

Version 1.1.2
Feb. 17, 2013

Some core framework tweaks++Added config option so users can specify whether or not to strip newline characters from the message body

Version 1.1.1
Feb. 7, 2013

Added runtime support for solaris, aix, freebsd, hp-ux***Added support to prefix your destination name with a server identifier , which now makes it possible to setup jms stanzas that have the same destination name but on different servers

Version 1.1
Feb. 5, 2013

Added REST API polling calls to the mod input so that it can poll SplunkD for the enabled/disabled status of each queue/topic stanza and stop message polling threads accordingly or terminate the entire mod input process if all queue/topic stanzas have been disabled.Using the Splunk Java SDK v1.0 for the REST API call, hence splunk.jar is now included in this release.

Version 1.0.3
Jan. 17, 2013

Added better handling of Binary message types

Version 1.0.2
Dec. 27, 2012

Added support for providing user/pass for the topic/queue

Version 1.0.1
Dec. 19, 2012

Cosmetic fix, added screenshot.

Version 1.0
Dec. 18, 2012


Subscribe Share

Splunk Certification Program

Splunk's App Certification program uses a specific set of criteria to evaluate the level of quality, usability and security your app offers to its users. In addition, we evaluate the documentation and support you offer to your app's users.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2017 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.