This Splunk Technical Add-on adds an Alert Action, which you can use to forward Splunk Alerts to an HTTP Event Collector (HEC).
Note: This project is hosted on GitHub. You can find more information about the TA there.
The setup of this TA is pretty simple. You can find screenshots in the GitHub repository!
Anyway, here are the required steps:
The TA writes logs into _internal. You can use the following search for troubleshooting:
index=_internal sourcetype="taalertforwarder:log"
Optionally, raise the Log Level on the App Configuration page.
Updated app.manifest to pass Cloud Vetting
Added the Severity (alert.severity) to the forwarded alert.
Initial Splunkbase Release