1 - Splunk Connection Setup

Updated 2 months ago by Michael Cretzman

The first step in using Splunk with Harness is to set up an Splunk Verification Provider in Harness.

A Harness Verification Provider is a connection to monitoring tools such as Bugsnag. Once Harness is connected, you can use Harness 24/7 Service Guard and Deployment Verification with your Splunk data and analysis.

Permissions for API Connection

Splunk APIs require that you authenticate with a non-SAML account. To access your Splunk Cloud deployment using the Splunk REST API and SDKs, submit a support case requesting access on the Support Portal. For managed deployments, Splunk Support opens port 8089 for REST access. You can specify a range of IP addresses to control who can access the REST API. For self-service deployments, Splunk Support defines a dedicated user and sends you credentials that enable that user to access the REST API. For information on Splunk self-service accounts, see Using the REST API with Splunk Cloud.

Ensure the Splunk user account used to authenticate Harness with Splunk has the following rest-related capabilities:

  • rest_apps_view
  • rest_properties_get
  • rest_properties_set
  • rest_apps_management

Splunk Verification Provider Setup

The first step in using Splunk with Harness is to set up an Splunk Verification Provider in Harness.

A Harness Verification Provider is a connection to monitoring tools such as Splunk. Once Harness is connected, you can use Harness 24/7 Service Guard and Deployment Verification with your Splunk data and analysis.

To add Datadog as a verification provider, do the following:

  1. Click Setup.
  2. Click Connectors.
  3. Click Verification Providers.
  4. Click Add Verification Provider, and select Splunk. The Add Splunk Verification Provider dialog for your provider appears.

The Add Splunk Verification Provider dialog has the following fields.

Field

Description

URL

Enter the URL for accessing the REST API on the Splunk server. Include the port number in the format https://<deployment-name>.cloud.splunk.com:8089: The default port number is 8089.The port number is required for hosted Splunk, also. For example: https://mycompany.splunkcloud.com:8089.For more information, see Using the REST API with Splunk Cloud from Splunk.

Username and Password

Enter the account credentials to authenticate with the server. A user role that is not authenticated with SAML is required. You do not need an admin role.

Display Name

Enter a display name for the provider. If you are going to use multiple providers of the same type, ensure you give each provider a different name.

Usage Scope

If you want to restrict the use of a provider to specific applications and environments, do the following:

  1. In Usage Scope, click the drop-down under Applications, and click the name of the application.
  2. In Environments, click the name of the environment.

Next Step


How did we do?