Enterprise data platform integration with Splunk HTTP Event Collector (HEC) for real-time indexing. Supports secure SSL transmission and indexer acknowledgment for guaranteed delivery.
open_in_new
HEC Documentation
docs.splunk.com
open_in_new
Official Documentation
docs.splunk.com
Configuration Parameters
| Parameter | Required | Type | Default | Description |
|---|---|---|---|---|
| Url | Yes | string | - | Splunk HEC endpoint URL (e.g., https://splunk-server:8088/services/collector). |
| Token | Yes | string | - | HEC authentication token. |
| UseAcknowledgment | No | bool | false | Enable indexer acknowledgment (X-Splunk-Request-Channel) for delivery guarantees. |
| UseSSL | No | bool | false | Enable SSL validation (default validation logic allows all certs currently). |
Internal Behavior
Event Formatting
- HEC Protocol: Wraps data in
{ event: {...}, sourcetype: "device_metrics", source: "ProxusIntegration" }. - Metadata Enrichment: Automatically extracts
DeviceNameandDeviceIdinto the event body. - Timestamps: Uses ISO 8601 format (
yyyy-MM-ddTHH:mm:ss.fffZ).
Performance Features
- Retry Policy: Uses a Polly-like retry policy (3 retries, exponential backoff) for failed HTTP requests.
- Channel ID: Generates a unique
Channel IDper request whenUseAcknowledgmentis enabled.