Try SpotterSends task result events to Splunk HTTP Event Collector
Authors: Stuart Hirst (!UNKNOWN) <support@convergingdata.com>
Install with ansible-galaxy collection install community.general:==8.5.0
collections:
- name: community.general
version: 8.5.0This callback plugin will send task results as JSON formatted events to a Splunk HTTP collector.
The companion Splunk Monitoring & Diagnostics App is available here U(https://splunkbase.splunk.com/app/4023/).
Credit to "Ryan Currah (@ryancurrah)" for original source upon which this is based.
url:
description: URL to the Splunk HTTP collector source.
env:
- name: SPLUNK_URL
ini:
- key: url
section: callback_splunk
batch:
description:
- Correlation ID which can be set across multiple playbook executions.
env:
- name: SPLUNK_BATCH
ini:
- key: batch
section: callback_splunk
type: str
version_added: 3.3.0
version_added_collection: community.general
authtoken:
description: Token to authenticate the connection to the Splunk HTTP collector.
env:
- name: SPLUNK_AUTHTOKEN
ini:
- key: authtoken
section: callback_splunk
validate_certs:
default: true
description: Whether to validate certificates for connections to HEC. It is not recommended
to set to V(false) except when you are sure that nobody can intercept the connection
between this plugin and HEC, as setting it to V(false) allows man-in-the-middle
attacks!
env:
- name: SPLUNK_VALIDATE_CERTS
ini:
- key: validate_certs
section: callback_splunk
type: bool
version_added: 1.0.0
version_added_collection: community.general
include_milliseconds:
default: false
description: Whether to include milliseconds as part of the generated timestamp field
in the event sent to the Splunk HTTP collector.
env:
- name: SPLUNK_INCLUDE_MILLISECONDS
ini:
- key: include_milliseconds
section: callback_splunk
type: bool
version_added: 2.0.0
version_added_collection: community.general