Splunk and TheHive integration

bil151515 · ‎02-03-2021

Hey!
My team is interested in integration of Splunk (especially ES) and TheHive Project products.

The goal is to provide automated sending Splunk Alerts (Notable Events in case of ES) to TheHive platform for further automatic analysis by Cortex and returning results back to Splunk.

I don't have any experience in stuff like that so I would like to get any ideas of solving this problem.

Maybe anyone have done that before on their project and would like to share any solutions?

splunkreal · ‎07-18-2024

Hello @bil151515 we have done it successfully if needed.

* If this helps, please upvote or accept solution if it solved *

Bubbleob · ‎08-11-2024

Can you expand on how your team did it? Ideally with step-by-step methods.

splunkreal · ‎01-20-2026

Hello @Bubbleob sorry for late response, using https://splunkbase.splunk.com/app/5329

* If this helps, please upvote or accept solution if it solved *

Splunk and TheHive integration

field extraction

HTTP Event Collector

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Network to App: Observability Unlocked [May & June Series]

Join the Conversation

Splunk and TheHive integration

field extraction

HTTP Event Collector

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Network to App: Observability Unlocked [May & June Series]