Cyara Pulse is a CX monitoring solution that engages with your contact center systems by generating synthetic traffic and ensuring that all systems working as designed. Pulse engages with your systems just as a customer would, so traverses the network, server and app layer, assuring that systems meet defined thresholds and that all steps in a journey can be completed.
The Cyara Pulse app for Splunk feeds real-time information about the state of a set of Customer Experience journeys directly to Splunk. The Cyara Pulse App for Splunk helps you analyze your CX Monitoring results from Cyara in Splunk with a set of pre-configured dashboards that help you glean valuable insights from the Cyara data.
This application can be installed on both On-Prem and Cloud deployments of Splunk.
If not a current Cyara Pulse subscriber, please reach out by filling out a Contact Us Form @ https://info.cyara.com/contact-us
Install the application on Search Heads
When configuring Splunk integration from Cyara Cloud Portal to Splunk Enterprise (premise) your IT organization must enable firewall access from the Cyara Cloud to your Splunk Enterprise instance. Whitelist the Cyara integration FQDN to allow connections from the Cyara Cloud to your Splunk instance. The specific port to allow the communication on is defined by the Splunk HTTP Event Collector configuration (commonly 8088):
- US FQDN: egress-ips.cyaraportal.us
- AU FQDN: egress-ips.cyaraportal.com
- UK FQDN: egress-ips.cyaraportal.co.uk
Cyara Portal Integrations Feature
To enable the Splunk integration, the Integrations feature must be enabled for your Cyara Cloud Portal Account.
To check if the Integration feature is enabled, from the Cyara Portal page toolbar access Tools/Integrations page. If you see the message informing you that "Integrations Not Configured," please contact Cyara Support (email@example.com) and request that the Integrations be enabled for your account.
At a high level, there are 3 steps to setup the Cyara to Splunk Integration:
- Setup the Splunk HTTP Event Collector (HEC)
- Create/configure an Impersonation User
- Configure the Cyara to Splunk Integration
Setting up the Splunk HEC (Splunk Console)
- In your Splunk Instance choose Settings > Data Inputs.
- From the Local Input types select Add New HTTP Event Collector
- Configure the collector using the default values as follows
- Name: (Enter a name to remember this integration, we recommend "Cyara Pulse Monitoring")
- Indexer Acknowledgement should not be enabled (if this is set to enabled, the integration will result in a Bad Request)
- Select Source Type
- Default Index: cyara
- Note: It is highly recommended to create and use an index named "cyara" as it is the default index being used in the Cyara Pulse App for Splunk. However, if you already have your Cyara data in a different index, you will need to modify a single
search macro to include the alternate index. To do so, go to: Settings > Advanced Search > Search Macros > Default index, and change the definition field from index=cyara to the name of your index.
- Click Review
- Click Submit
- The success screen will show a Token Value that you will need later for posting events to your collector.
- Check that the event collector is enabled. To enable, navigate back to your Data Inputs section by clicking Settings > Data Inputs > HTTP Event Collector and click on "Enable" located in the Actions column.
Adding an Impersonation User (Cyara Portal)
Before configuring the integration, you need to configure "Impersonation." Impersonation defines an account user on whose behalf the integration will leverage Cyara APIs. While you can designate any actual user for the impersonation, it is recommended that you create a designated user just for that role (e.g. integration.user).
To add a new Impersonation User to your Cyara Platform, follow these steps.
- Click on Tools > Integrations menu in the Cyara Portal.
- Click on Impersonation in the drop-down menu on the right.
- Select the user that should be impersonated (That Cyara Integrations will authenticate as when pushing/pulling data via the Cyara API).
Configuring Cyara to Splunk Integration (Cyara Portal)
Once you have configured the Impersonation User, you are now set to configure an integration with Splunk!
Follow the steps below:
- In Cyara Portal navigate to Tools > Integrations in the Top Menu. (If "Integrations" doesn't appear in the Tools menu, confirm that you have Cyara Integrations enabled).
- Click the New Integration button
- Integration Details
- Select Splunk from the Type dropdown menu
- Enter a Name and a Description for this integration (We recommend Cyara Pulse Monitoring for the name, and a rich description of the type of service being monitored).
- From the Impersonate User pull-down menu select the user that will be impersonated for the API access
- Select which Pulse Dashboard should be used as the primary source of data to be pushed to Splunk. To ensure that all available Pulse results get pushed to Splunk you can select the predefined Global Dashboard. You can select other dashboards that you created, but remember that only events being monitored by that dashboard will be pushed to Splunk.
- Splunk Details
- For Api Uri, enter the Splunk API URL (example https://my_splunk_instance:8088/services/collector)
- For Authorization Token, enter the token that was generated when you created HEC
- Click the "Test Authentication" button to validate your Splunk Credentials. If access, API Url and Token are configured correctly you should see a ✓ indicating a successful validation.
- Event Field Selection
- This section maps Cyara Data Variables to the Data Fields that will be sent to Splunk in a JSON document
- Starting with Cyara 20.3 release, all data field mapping will be pre-populated by default, so you do not have to make any changes (see example below)
- Make sure that the newly configured integration is Enabled. By default, all integrations are disabled
- Click on Save Details.
- Your integration is complete.
Default Data Mapping
|Full Test Result||$FullTestResult|
|The Result Id||$ResultId|
|Test Case Name||$TestCaseName|
|Test Case Description||$TestCaseDescription|
|Test Case Notes||$TestCaseNotes|
|Service Group Name||$ServiceName|
|Test Result Category||$ResultCategory|
|Failed Step Description||$StepDescription|
|Failed Step No||$StepNo|
|The Url to the Portal Detailed Result page||$Url|
The application dashboards should automatically populate as the data flows into Splunk.
If you have active Pulse campaign(s) running, all results from this moment on will be sent to Spunk and will be viewable in the Cyara Pulse App for Splunk.
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.