Apica LogFlow
  • Overview
  • EULA
    • End User License Agreement
  • Getting Started Guide
    • Deployment guides
  • Architecture
    • Never Block, Never Drop
    • InstaStore
    • Deployment
  • Flow Management
    • Overview
    • Forwarders
    • Mapping Applications
    • Data Transformation
  • Splunk Forwarding
    • Overview
    • Apica UF Proxy App Extension
      • Standalone Instance
      • List of Indexer instances
      • Indexer Discovery
    • Metric indexes
    • Non metric indexes
    • Syslog forwarding
  • Real-time Stream Forwarding
    • Overview
    • AWS Kinesis
    • Azure Eventhub
    • Google Pub/Sub
  • Forwarding To Data Warehouse
    • Overview
    • GCP Bigquery
  • Object Store Forwarding
    • Overview
    • S3 Compatible
    • Azure Blob Storage
  • Forwarding to monitoring tools
    • DataDog Forwarding
    • New Relic Forwarding
    • Dynatrace Forwarding
    • Elasticsearch Forwarding
    • Coralogix Forwarding
    • Azure Log Analytics Forwarding
    • JS Code Forwarding
  • Security Monitor Forwarding
    • Overview
    • Arc Sight
    • RSA New Witness
Powered by GitBook
On this page
  • Architecture
  • Required components
  • Creating UF proxy app extension

Was this helpful?

Export as PDF
  1. Splunk Forwarding

Overview

PreviousData TransformationNextApica UF Proxy App Extension

Last updated 1 year ago

Was this helpful?

Apica's plugins include creating one or more Splunk Output configurations that can be then used to send data to Splunk. We support all the enterprise modes for forwarding, including sending data to a Standalone Server, a list of indexers, and sending data to indexers using Peer discovery.

Architecture

Required components

Follow the below steps to create an S2S forwarder to a splunk indexer

  1. Create a UF Proxy app extension

  2. Create a forwarder to use the UF proxy app extension created in step 1 above

    • One or more forwarders can be created to use the same UF Proxy app

      • Forwarders can be of type _json or _metric

      • _metric type can forward to a splunk metric index

      • _json can forward to a splunk standard index

Creating UF proxy app extension

The Splunk plugin for output configurations can be launched from the App Extensions section under Explore.

Selecting the "Forwarding Proxy" app gives you the configured proxies as well as the ability to create a new one.

You can expand on the proxy to see its settings. The "hec_token" can be used to setup the forwarder.

Splunk S2S Forwarding architecture
List of configured Splunk Forwarding Proxies
Proxy Settings