How To Guide: Splunk Connector Plugin


May 17, 2016  |  By Dale Rankine

00ab2ef6-b904-472f-9450-91c2b5381031There are a lot of great plugins available right now in the Reekoh Plugin Store. One of them is the Splunk Connector.


The Splunk Connector plugin for Reekoh enables sending of real-time data from a device to the Splunk platform for analysis.


Let’s go through the guide below to see how this plugin works.


To start off, login to your Reekoh account and then navigate to Devices > Register New Device. Complete the form that comes next. You can also use any existing registered device in your instance, if you have one.




Next is to install and configure the plugins we’re going to use: Splunk Connector and MQTT Gateway (this will enable you to ingest device data via MQTT protocol).




After you’ve installed the plugins, navigate to Pipeline Studio and then key-in the desired name for your pipeline. Locate the Connectors category on the right pane, and then drag & drop the Splunk plugin to the blank workspace.



To configure, double-click the plugin and then complete the wizard that follows. Click Save.




Since the Splunk Connector will be requiring the Splunk instance token, you will need to configure your settings in order to obtain this. Log in to your Splunk account, and then navigate to Settings > Data Inputs. Click Add New on the HTTP Event Collector, and then complete the form that comes next.






Make sure your HTTP Event Collector is enabled and that you take note of the generated token by Splunk after you’ve configured your settings. The port 8088 also needs to be open for external communications or connections.




Once you’ve configured your Connector plugin, do the same procedure for MQTT but this time locate the Gateways category.




After configuring both plugins, connect them by dragging the output terminal of MQTT Gateway to the input terminal of Splunk Connector. Click Save & Deploy to run your pipeline.




Once your Reekoh Pipeline is running, download / install any MQTT simulator from the Chrome Web Store to be used to send a JSON data to the Splunk platform. For this example, we’ll be using the MQTTLens simulator. Open the application, and then create a connection for your device.




Once a connection has been established, enter or paste your JSON device data in the Message field; then supply any Topic for your data. Click Publish to send it to the Splunk platform.



Check your device data if it has been received by going back to the Splunk platform and then navigating to Search & Reporting. Then in the search bar, type this command: source=”http:(name of http event collector)”. You should be able to see the transmitted data after that.





You may check our Basic Starter guide in the Reekoh Help Center for more information.