Hello All,
I have a use case to consume alerts from a tool called Dataminr into Splunk.
Can someone suggest us the best approach for this integration?
Thanks
Yes, you can very well send data via HEC to Splunk Cloud. Please refer to the doc below for the steps.
https://docs.splunk.com/Documentation/SplunkCloud/8.2.2109/Data/UsetheHTTPEventCollector
Hi @Roy_9 ,
Check if Dataminr supports extracting alert information via REST API. If so, then you can easily build an add-on to ingest data into Splunk via Splunk's "Add-on Builder", and you can schedule it to fetch alert info from Dataminr periodically.
https://docs.splunk.com/Documentation/AddonBuilder/4.0.0/UserGuide/ConfigureDataCollection
Thanks for the response. I have one more question regarding streaming logs/alerts on an ELK search server into Splunk: can we try the HEC route to stream these from ELK to Splunk Cloud?
Thanks
HEC supports streaming the logs from the ELK server to Splunk. As an example, you could use Logstash for this.
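An added example, not part of the thread or of any Splunk or Dataminr code: a sketch of the HEC route for periodically polled alerts, batching events into one request body and skipping alert ids already forwarded. The alert field names, the `dataminr:alert` sourcetype, the URL and the token are assumptions or placeholders; the request is built but not sent.

```python
import json
import urllib.request

# Placeholders: substitute your own HEC endpoint and token.
HEC_URL = "https://splunk.example.com:8088/services/collector/event"
HEC_TOKEN = "00000000-0000-0000-0000-000000000000"

# Constructed sample alerts; field names are hypothetical, not Dataminr's schema.
SAMPLE_ALERTS = [
    {"alert_id": "a-1", "event_time": 1700000000, "headline": "Constructed alert one"},
    {"alert_id": "a-2", "event_time": 1700000060, "headline": "Constructed alert two"},
    {"alert_id": "a-1", "event_time": 1700000000, "headline": "Constructed alert one"},
]

def build_hec_batch(alerts, seen_ids, sourcetype="dataminr:alert", index="main"):
    """Return an HEC request body for alerts not yet forwarded.

    seen_ids is the checkpoint of already-sent alert ids; it is updated in
    place so overlapping poll windows do not produce duplicate events.
    """
    lines = []
    for alert in alerts:
        if alert["alert_id"] in seen_ids:
            continue
        seen_ids.add(alert["alert_id"])
        lines.append(json.dumps({
            "time": alert["event_time"],   # epoch seconds, used as _time
            "sourcetype": sourcetype,      # hypothetical sourcetype name
            "index": index,
            "event": alert,
        }, sort_keys=True))
    # HEC accepts several event objects concatenated in one request body.
    return "\n".join(lines).encode("utf-8")

def build_request(body, url=HEC_URL, token=HEC_TOKEN):
    """Build (but do not send) the authenticated POST to the HEC endpoint."""
    return urllib.request.Request(url, data=body, method="POST", headers={
        "Authorization": f"Splunk {token}",
        "Content-Type": "application/json",
    })

if __name__ == "__main__":
    req = build_request(build_hec_batch(SAMPLE_ALERTS, set()))
    print(req.get_method(), req.full_url, len(req.data), "bytes")
    # urllib.request.urlopen(req) would send it; keep TLS verification enabled.
```

Store the HEC token in a secrets store rather than in the script, and persist `seen_ids` between scheduled runs so a restart does not re-send old alerts.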