I am a newbie with Splunk, but already fell in love with it. Such a great tool!
I was tasked with storing settings of a website from Cloudflare into Splunk. Without much knowledge, I wrote a small Python script that basically gets settings data from CF and sends it to Splunk via HEC token, on my local instance. This is one of the ways of doing it, but I'm sure there must be a much slicker way.
Question is, what would you guys recommend to achieve this task? What would be the best practices?
Thanks in advance,
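The approach described in the question, sketched as an added example (not the poster's script): one HEC event per Cloudflare zone setting, with both tokens read from the environment instead of the source file. The environment variable names, the sourcetype and source values, and the sample response are assumptions constructed for illustration.

```python
import json, os, time, urllib.request

CF_API = "https://api.cloudflare.com/client/v4"

def build_hec_batch(zone_id, cf_response, now=None):
    """Turn a Cloudflare zone-settings response into a newline-delimited HEC batch."""
    if not cf_response.get("success"):
        raise ValueError(f"Cloudflare API error: {cf_response.get('errors')}")
    now = time.time() if now is None else now
    lines = []
    for s in cf_response["result"]:
        # One event per setting, so a changed value is easy to search and alert on.
        event = {"zone_id": zone_id, "setting": s["id"], "value": s["value"],
                 "modified_on": s.get("modified_on")}
        lines.append(json.dumps({"time": now, "source": "cf_settings_poller",
                                 "sourcetype": "cloudflare:zone:setting",  # assumed name
                                 "event": event}, sort_keys=True))
    return "\n".join(lines).encode()

def fetch_settings(zone_id, cf_token):
    """GET all settings for a zone using a Cloudflare API token."""
    req = urllib.request.Request(f"{CF_API}/zones/{zone_id}/settings",
                                 headers={"Authorization": f"Bearer {cf_token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def send_to_hec(hec_url, hec_token, body):
    """POST a batch to the HEC event endpoint; certificate checks stay enabled."""
    # For a self-signed local instance, trust its CA rather than disabling verification.
    req = urllib.request.Request(f"{hec_url}/services/collector/event", data=body,
                                 headers={"Authorization": f"Splunk {hec_token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

# Constructed sample in the shape of a zone-settings response (not real data).
SAMPLE = {"success": True, "errors": [], "result": [
    {"id": "ssl", "value": "full", "modified_on": "2024-01-01T00:00:00Z"},
    {"id": "min_tls_version", "value": "1.2", "modified_on": None}]}

if __name__ == "__main__":
    # Assumed variable names; HEC_URL looks like https://splunk.example:8088
    zone = os.environ["CF_ZONE_ID"]
    batch = build_hec_batch(zone, fetch_settings(zone, os.environ["CF_API_TOKEN"]))
    print(send_to_hec(os.environ["HEC_URL"], os.environ["HEC_TOKEN"], batch))
```

A Cloudflare token with read-only access to zone settings and a HEC token restricted to a single index keep the blast radius small if either one leaks.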
That add-on should point to this URL for instructions on how to configure Cloudflare logging: https://developers.cloudflare.com/logs/about
If you download and unzip the add-on, you'll find this URL in the readme.txt, but it should really be added to the Overview page on Splunkbase.
I don't necessarily have an issue with the add-on. I just don't see how I can gather "settings" of the website using it. Maybe that just escapes me, maybe I'm not too familiar with usage of this. If you could possibly point me to a proper solution, I'd surely appreciate it.
If you read the documentation you can see you need to use an Amazon S3 bucket to manage the queue.
Check the documentation.