This add-on requires the API feature to be enabled and an ApiUser created in Icinga2. Details on setting up the API are available in the Icinga2 documentation: https://icinga.com/docs/icinga2/latest/doc/12-icinga2-api/
Before using this add-on, it needs to be configured in Splunk. This can be done in the Splunk UI under Settings>Alert Actions>Setup Icinga2 Passive Check Alert Action. Alternatively, this can be done by updating and placing the below config in local/alert_actions.conf
[icinga_passive_check] param.host = HOSTORIP param.pass = PASSWORD param.port = PORT #Default is 5665 param.user = USERNAME
Please report all issues on Github. https://github.com/FieldofClay/alert_icinga2_passive_check
Michael Clayfield is Splunk Professional Services consultant working for JDS Australia (https://www.jds.net.au)
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.