Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to integrate 3rd party SaaS platform with Splunk

Luckyani
Explorer
‎03-13-2023 08:00 PM

Hi

 Looking for guidance related to integrating Splunk on-premise infrastructure with 3rd party SaaS providers. We have a SaaS provider who is exposing the data over Rest API and what's best way to consume them from an Splunk enterprise version? Is there an officially supported Splunk ad-on or modular support that allow us to enable this via some simple configuration rather than building something on our own?

 

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Luckyani
Explorer
‎03-16-2023 04:29 PM

Thanks for the reply that answers my question

View solution in original post

0 Karma
Reply
Solved! Jump to solution

Luckyani
Explorer
‎03-16-2023 04:29 PM

Thanks for reply that answers my question

0 Karma
Reply
Solved! Jump to solution

PickleRick
SplunkTrust
SplunkTrust
‎03-14-2023 08:27 AM

There are many different REST APIs. REST API specifies only how to access such API, what it does is a completely different thing so your question is a bit like "is there a general manual for software that I can just tweak a little". Well, no, there isn't. As @richgalloway said - there might already be a solution for your particular product but then again there might not be. Also be wary that some third party apps might be obsolete or of a higly sub-par quality.

Additional question of course is what you mean by "integration". Pulling events from an external service? Using that service as a dynamic lookup? Acting on that service as alert action? Something else?

0 Karma
Reply
Solved! Jump to solution

richgalloway
SplunkTrust
SplunkTrust
‎03-14-2023 05:27 AM

It's hard to know what the best way to integrate a product is without knowing what the product itself is.  Check splunkbase to see if there's an existing app/add-on to help integrate.  Perhaps you can use the REST API Modular Input (https://splunkbase.splunk.com/app/1546).  In the worst case, you may need to write your own modular input (it's not that difficult).

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Solved! Jump to solution

Luckyani
Explorer
‎03-14-2023 04:01 PM

Thanks for your reply @richgalloway That third party app you mentioned  is exactly what I'm after but we cannot use it since its not officially supported by Splunk so my original question was is there any other similar apps like that supported by Splunk officially I guess the answer is no and only way to achieve the same outcome is that we develop our own modular input?

Tags (1)
0 Karma
Reply
Solved! Jump to solution

richgalloway
SplunkTrust
SplunkTrust
‎03-15-2023 05:37 AM

The only place you'll find Splunk-supported apps is splunkbase.  If you're unwilling to use a third-party app then your only option is to create your own.

---
If this reply helps you, Karma would be appreciated.
Reply
Solved! Jump to solution
Solution

Luckyani
Explorer
‎03-16-2023 04:29 PM

Thanks for the reply that answers my question

0 Karma
Reply
Solved! Jump to solution

PickleRick
SplunkTrust
SplunkTrust
‎03-15-2023 01:43 AM

I don't think you can find such a generic app which would be Splunk supported. Good thing is you can try to take this third-party app and review its code before putting it to prod or edit it to suit your needs (but beware of licensing! not all apps are created equal)

Reply
Get Updates on the Splunk Community!

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...

Adoption of Infrastructure Monitoring at Splunk

  Splunk's Growth Engineering team showcases one of their first Splunk product adoption-Splunk Infrastructure ...

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...