Integrations

Set up a Splunk integration

Updated: September 15, 2025

Integrations Notification Integrations

  1. Navigate to Integrations in the FireTail platform. Select the Create integration tab.

  2. Click Splunk.

  3. In the Name of Integration field, enter a name for the integration.

  4. Enter the HTTP Collector endpoint. View the Splunk documentation to determine the format of the endpoint you should use.

    • Example: https://http-inputs-.splunkcloud.com:8088/services/collector/event
    • Using Splunk Free Trial. Mark as enabled if you currently using the Spunk free trial. If enabled this will turn off SSL Verify as free trials use self signed certificates.

  5. HTTP Collector API Token - Paste your Splunk API token into this field. To create a token in Splunk:

    • Go to the Settings menu. Click Add Data.
    • Click Monitor.
    • Select HTTP Event Collector. Click Next.
    • Select Main as the Index.
    • Click Review. Click Submit.
    • Copy the token.

View the Splunk documentation for more information about creating an Event Collector token on the Splunk Cloud Platform.

  1. Click Submit.

The integration is created and listed under the existing integrations tab You can now select this integration as a notification method when you create an alert, create a resource policy or create an incident.

Need help?

Contact FireTail support

Previous (Integrations - Notification Integrations)
AWS WAFv2 IP Set
Next (Integrations - Notification Integrations)
Set up a PagerDuty integration