Splunk__Steps_to_Integrate - AlarmsOne User Guide

Steps to integrate Splunk with AlarmsOne:

Following are the steps involved to integrate Splunk with AlarmsOne.

Steps to be followed in AlarmsOne:

1. Sign up for AlarmsOne service and log into your account. Click on Applications icon in the left panel. Click Agents and then click Add Agent(+) to download the agent (or) poller.

2. Once download is complete, install the agent on the machine from where it can reach Splunk.

3. Once the agent is installed and registered with AlarmsOne, click on Applications icon and click +Add Application at the top right corner of the window and choose Splunk.

4. Select the registered agent which is deployed on the Splunk Server.

5. Input all the details specific to Splunk (Agent and Application Label).

6. Click Add to add the Application to AlarmsOne.

7. Run splunk.sh from AlarmPoller/AlarmUtilities/Splunk/ with argument as <splunk home dir> .

Steps to be followed in Splunk:

1. Log into Splunk. Click App : Search and Reporting then choose Save As Alert.

2. In Save as alert, click Trigger Actions --> Add Actions --> Run a script.

3. Enter the filename as alarmsone.py. This is located in <splunk home dir>/bin/scripts.

4. Click Save.