Splunk Cloud Platform
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Looking for suggestions for using Splunk Cloud as a data integration source for other services like Salesforce.

appli
New Member
‎08-04-2020 05:31 AM

I'm looking into a way to use Splunk as a data integration tool - so that services like Salesforce can get information from Splunk, instead of relying on my server to call their API.

My logic is that if I report every event to Splunk, and Splunk has a REST API, then why report to additional services and not have them read from Splunk (or Splunk write to them).

I'd love to hear suggestions if anyone's accomplished such a setup - and has insights of considerations such as access tokens, API limitations, data enrichment, shortcuts (like cool Splunk apps that facilitate this) etc.

Examples that demonstrate different ways I thought to take:

1. I set up an alert for a specific kind of Splunk log (e.g. log for a user that deleted their profile) and the alert action uses script/webhook to make a POST request to Salesforce, letting it know a lead should be deleted.

2. I define a saved search/report that aggregates some numbers from logs describing user activities  - and set up a service to poll this via Splunk Cloud REST API and update accordingly.

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Learn Splunk Insider Insights, Do More With Gen AI, & Find 20+ New Use Cases You Can ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Buttercup Games: Further Dashboarding Techniques (Part 7)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Stay Connected: Your Guide to April Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...
Top