Establishing a Connection
The objects available within our connector are accessible from the "cdata.splunk" module. To use the module's objects directly:
- Import the module as follows:
import cdata.splunk as mod
- To establish a connection string, call the connect() method from the connector object using an appropriate connection string, such as:
mod.connect("user=MyUserName;password=MyPassword;URL=MyURL;")
Connecting to Splunk APIs
You must specify the URL to a valid Splunk server. By default the connector makes requests on port 8089.
By default, the connector attempts to negotiate TLS/SSL with the server. For more information on TLS/SSL configuration, see SSL Configuration.
Authenticating to Splunk
There are two ways to authenticate to Splunk data: logging in with Splunk credentials, or using a Splunk authentication token.
Splunk Credentials
To authenticate with Splunk credentials, set User and Password to your login credentials.
Splunk Token
When you access Splunk via an authentication token, you can access the Splunk platform using Representational State Transfer (REST) calls. On Splunk Enterprise, you can also use the CLI. Both of these methods enable you to access the instance and make requests without having to authenticate via credentials.
Note: Unless you are accessing a search head cluster (where you can use the same token to access all available head clusters), you must have a separate token for each instance being accessed.
To authenticate with a Splunk token:
- In the Splunk UI, navigate to Users and Authentication > Tokens to access your assigned authentication token. If you do not have one, request one from the administrator of the instance you want to access.
- Set the AuthScheme to AccessToken; and the AccessToken property to your Splunk token.