*Version: 1.0 | Last Updated: 19/02/2025*

## Overview

- **Integration Name:** Splunk
- **Purpose:** Integrate Splunk with MoovingON AI, enabling users to receive Splunk notifications
- **Prerequisites:**
  - A valid Splunk account
  - MoovingON AI account access with integration permissions

---

## Table of Contents

- [[#Setup Instructions]]
- [[#Configuration]]
- [[#Related Links]]

---

## Setup Instructions

1. In MoovingON AI, navigate to Settings -> Integrations.

   ![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXcRlVOIXdQo-3K1ZK6_yb3RassT5Hwm4HV4HbrMYQXOEGy84c_b-GkCM8dniycVDIIFCnO2aZjV4JlFtbdfGglmJyazL4q0aVk0BgHiuV4HBeSf9DGLdSRe2LJ4YQR5PKlMwKNbag?key=KBEKAuRqwRONFDBsNTxVIo1q)

2. On the right side of the page, select "Add Webhook."

   ![add-webhook.png](https://lh7-rt.googleusercontent.com/docsz/AD_4nXcIK0v0mFX3JZay_sfhiCIID1caSrVTm13IU9eFcBS6OLZaubWz9b7ryjIiTF-vLXoK_ZUbj9u3M4vAMxIdBRAdbzOGo8fY7TpAJaxdCAAnFp41yA6Ohp-37MjWjSnxNXxkl0-wSA?key=pWeWSRwPH8MCV1bVqRvIPmbR)

3. Enter an integration name for the webhook and click "Submit."

   ![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXegXOiH_ed_yvnovas7N8A_4Gy0f7cdbR1R0eILGQ8iL5ZiuSCpGff9k1YuDRo5Xe2fdgQ4IWSCY-lIimkAyG44-YodYT8QzU6KZRk8mXP3_JEfaH3dKNLP-ThTE2Lmbhxcyis-DA?key=KBEKAuRqwRONFDBsNTxVIo1q)

4. After submission, basic authentication credentials (Username and Token) are created for the webhook.

   ![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXdftB0KFsctdudQ70rgU0rCtuwFirMXIieZRJF5g8CSVfPwbokdBuDG0BcAOYWS3NApNu0xYPGRtP4SASRVuT9jjNn92sFW9iNDMRJsww8pEpzgWOaUoPJAv9uSGEGDCh_p0JV_?key=KBEKAuRqwRONFDBsNTxVIo1q)

   - Save the generated Username and Token for use in Splunk.

---

## Configuration

### Step 1: Create a New Search Query for Alerts

- Open the Splunk Web interface.
- Navigate to Search & Reporting.
- Enter your search query to detect relevant events (for example, `index=apache_logs error`).

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXcuQBWIETof2Nkxt7fbKitbbLWRhXIhPwNRAIgnYLhw4q_BQ-DHrHjicphbfR5JMATE7XS7XF9idXTA2UPeJ9s59XtrZn7LhSXikeTNm-fQWdXVBN7QG30ITglx02o0IGR4h1u9_g?key=mGMAH2dG0NdQuWwk2CV3odN-)

### Step 2: Click Save As → Alert

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXcr3vWfswhu64TFaNaF0LUSgvcYHO2owLPiOApSsoX78GZxu0T-XktRXSRchmZCN6joLhIagVie-FwaHfc-1iEqJHR_smHcHGD5VKlywJ97uYKa8MI_e_ikrRhSJDoGc_biWq05_A?key=mGMAH2dG0NdQuWwk2CV3odN-)

### Step 3: Configure the Alert Conditions

This Splunk alert configuration page allows you to set up a scheduled or real-time alert that triggers actions (e.g., webhooks, emails) when specific search conditions are met. Below is a breakdown of each setting and how to configure it.

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXdJoceUi7dokw5XxTYRDd_bFjZWjWnlRPRbN8CFxkUcCtqRQKuZN0fzLWkmTyLJV_eEtRh0c-tqQrtucKq85eTWV47rTJKlWFQKXfypSBHOddVGCTqj6tgqNTHVz0FPLug6Cmw6?key=mGMAH2dG0NdQuWwk2CV3odN-)

Click + Add Actions to define what happens when the alert triggers. Available options:

1. Webhook (send data to an external API).
2. Email Notification (send an email when triggered).
3. Run a Script (execute a custom script for automation).
4. Log Event (write the alert to an internal Splunk index).

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXfVhJMIto45ojMJm-dZrS0bzS7xrmKRWrtQWjsZ4DQjEX3jGDcKx0Mu9ilUxjgdDAsdgOthEGVWbpSlARDP5LyO68uDHaAHW_yHRycNZ9SQKQbeCcnZOT-IF39ucnZ2-6C-o5bYGg?key=mGMAH2dG0NdQuWwk2CV3odN-)

### Step 4: Configure the Webhook URL

In the Webhook action settings, enter the API URL. The webhook headers also need to be configured. Because the Splunk UI does not provide a direct way to set headers, configure them in the .conf file located in the Splunk directory. The following is an example of a .conf file, in which all the actions related to each alert can be configured.

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXdaf3FYyC6yZnzB9C7Vvs8p8yvYAUqncKxvCKAkefv7BoJW5oG-WZroCoHZCg6nGjERCCLyyiDctERrcwOmq3NPVCmCipGjCSrrAE6yhviDSXie5ukWD_sTGCjIoLtymIq-toq54w?key=mGMAH2dG0NdQuWwk2CV3odN-)

---

## Related Links

- **External Resources:** [Splunk Documentation](https://docs.splunk.com/Documentation)
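
---

The header configured in Configuration Step 4 carries the Username and Token from the Setup Instructions as HTTP Basic authentication. The Python sketch below is an added example, not MoovingON or Splunk code: it derives the `Authorization` value and builds a test POST shaped like Splunk's webhook alert payload, so the credentials can be checked before the alert goes live. The function names, environment variable names and sample payload values are assumptions, and the webhook URL must be taken from your own MoovingON AI integration.

```python
import base64
import json
import os
import urllib.request
from urllib.parse import urlsplit


def basic_auth_header(username: str, token: str) -> str:
    """Return the RFC 7617 value for the Authorization header."""
    if not username or not token:
        raise ValueError("username and token are both required")
    if ":" in username:
        raise ValueError("a Basic auth user-id cannot contain ':'")
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in username + token):
        raise ValueError("control characters are not allowed in credentials")
    raw = f"{username}:{token}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def build_test_request(url: str, username: str, token: str) -> urllib.request.Request:
    """Build (but do not send) a POST shaped like a Splunk webhook alert."""
    if urlsplit(url).scheme != "https":
        # Basic auth is only base64-encoded, so it must travel inside TLS.
        raise ValueError("webhook URL must use https")
    payload = {  # constructed sample in the shape of Splunk's webhook payload
        "sid": "scheduler__admin__search__sample_at_0_0",
        "search_name": "Apache errors (test)",
        "app": "search",
        "owner": "admin",
        "results_link": "https://splunk.example.invalid:8000/app/search/search?sid=sample",
        "result": {"host": "web01", "source": "/var/log/apache2/error.log"},
    }
    return urllib.request.Request(
        url,
        data=json.dumps(payload).encode("utf-8"),
        method="POST",
        headers={
            "Authorization": basic_auth_header(username, token),
            "Content-Type": "application/json",
        },
    )


if __name__ == "__main__":
    # Assumed variable names; keeps the token out of source and shell history.
    env = [os.environ[k] for k in ("WEBHOOK_URL", "WEBHOOK_USER", "WEBHOOK_TOKEN")]
    with urllib.request.urlopen(build_test_request(*env), timeout=10) as resp:
        print("webhook answered HTTP", resp.status)
```

The string returned by `basic_auth_header` is the value to place in the `Authorization` header. It is reversible encoding, not encryption, so treat the .conf file that holds it as a secret and restrict its file permissions.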