I have not found any further documentation, I was looking due to a SSL error when trying to connect.
The script looks like it sends to either the "main" index or whatever you have in inputs, according to line 218 of the bin/bamboo.py script, haven't been able to verify because I'm not getting logs in but fairly certain thats how it works.
def extract(self, inputs): 201 """ 202 Extract data from provided inputs 203 :param inputs: inputs_items object 204 """ 205 log.info("Inside extract ...") 206 self.input_name, self.input_items = inputs.inputs.popitem() 207 self.server = self.input_items['server'] 208 self.protocol = self.input_items['protocol'] 209 self.port = self.input_items['port'] 210 self.username = self.input_items['username'] 211 self.password = self.input_items['password'] 212 self.bamboo_service = BambooService(self.username, self.password, self.server, self.port, self.protocol) 213 #self.jql = self.input_items['jql'] 214 post_endpoint = '%s://%s:%s/rest/api/latest/plan' % ( 215 self.protocol, self.server, self.port) 216 self.post_url = _get_url(post_endpoint) 217 log.info("PostURL: " + self.post_url) 218 self.output_index = self.input_items['index'] or 'main' 219 self.output_sourcetype = self.input_items['sourcetype'] or 'bamboo'
I wish I knew the answers to this.
I did add index=something_something to the local/input.conf file on the heavy forwarder and the data was ingested in that index.
Also, this will not run on a universal forwarder, since it needs Splunk's python to operate.