Splunk is a web-style interface for searching, monitoring, and analyzing machine-generated big data. To integrate Splunk with Zenduty, complete the following steps:
On the Zenduty Dashboard:
- To add a new Splunk integration, go to "Teams" on Zenduty and click on the "Manage" button corresponding to the team you want to add the integration to.
- Next, go to "Services" and click on the "Manage" button corresponding to the relevant Service.
- Go to "Integrations" and then "Add New Integration". Give it a name and select the application "Splunk" from the dropdown menu.
- Go to "Configure" under your integrations and copy the generated webhook URL.
- Log in to Splunk. In the "Search and Report" app, run a search for the events or metrics that Zenduty should report incidents on. As an example, we monitor "keyring":
- Save this as an "Alert" from the "Save As" window in the top right corner.
- Fill in the form.
- Click the "Add Actions" button under "Trigger Actions" and select "Webhook".
- Paste the URL you copied earlier and click "Save".
- An alert for Zenduty (e.g. "Login Alert") has been created and will show up in your "Alerts" tab.
Splunk is now integrated with your Zenduty account.
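
To confirm the integration end to end without waiting for the alert to trigger, the following added example (not part of Zenduty's or Splunk's own documentation) posts a body shaped like the one Splunk's webhook alert action sends. The environment variable name, host names, search ID and result row are constructed placeholders, and treating the URL path as sensitive is an assumption.

```python
import json
import os
import urllib.request
from urllib.parse import urlsplit


def check_webhook_url(url):
    """Reject non-HTTPS URLs; return a redacted form that is safe to log."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("webhook URL must be an absolute https:// URL")
    # Assumption: the URL path identifies the integration, so keep it out of logs.
    return f"https://{parts.hostname}/<redacted>"


def build_splunk_payload(search_name, first_row, sid, splunk_web):
    """Build the JSON body Splunk's webhook action POSTs when an alert triggers."""
    return {
        "sid": sid,
        "search_name": search_name,
        "app": "search",    # constructed value
        "owner": "admin",   # constructed value
        "results_link": f"{splunk_web}/app/search/@go?sid={sid}",
        "result": first_row,  # Splunk includes only the first result row
    }


def send_test_alert(url, payload, timeout=10):
    """POST the payload to the webhook and return the HTTP status code."""
    req = urllib.request.Request(
        url,
        data=json.dumps(payload).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.status


if __name__ == "__main__":
    url = os.environ["ZENDUTY_WEBHOOK_URL"]  # hypothetical variable name
    print("posting test alert to", check_webhook_url(url))
    payload = build_splunk_payload(
        "Login Alert",
        {"host": "web-01", "sourcetype": "linux_secure", "count": "3"},  # constructed row
        "scheduler__admin__search__constructed_sid",
        "https://splunk.example.com:8000",
    )
    print("HTTP status:", send_test_alert(url, payload))
```

Reading the URL from the environment keeps it out of shell history and source control; a successful run should produce a test incident on the Zenduty service you configured.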