Set up Splunk integration

Overview

SaltStack Enterprise integrates with Splunk to help you optimize and secure your digital infrastructure using the SaltStack Enterprise Add-On for Splunk Enterprise. The add-on is available on Splunkbase, and requires SaltStack Enterprise version 6.3 or higher.

Prerequisites

Setting up your Splunk integration with SaltStack Enterprise is one post-installation step in a series of several steps that should be followed in a specific order. First, complete one of the installation scenarios and then read the following post-installation pages:

Set up SaltStack Enterprise add-on in Splunk

The SaltStack Enterprise add-on in Splunk takes advantage of a new, Prometheus-compatible metrics endpoint which reports over 25 unique SaltStack Enterprise metrics. These metrics provide insight into the health of your infrastructure. Accessing them in Splunk is useful for monitoring for outages, identifying abnormal activity, and more. It also gives you the ability to take automated actions based on a specific Splunk event using SaltStack Enterprise.

For instructions on how to install and configure the add-on, see the full add-on documentation in the SaltStack knowledge base.

For more on the SaltStack Enterprise metrics endpoint, see the Help Documentation embedded in the Enterprise Console.

Next steps

After setting up your integration with Splunk, there may be additional post-installation steps. Check the list of post-installation steps to ensure you have completed all the necessary steps.