Introduction

This document guides you through integrating Proxus with Splunk, a powerful data analytics platform. By connecting Proxus to Splunk, you can gain valuable insights from your device data through real-time monitoring and analysis.

What is Splunk?

Splunk is a data platform designed to collect, index, and analyze machine-generated data in real-time. It’s widely used for operational intelligence, monitoring, and troubleshooting. Splunk’s HTTP Event Collector (HEC) allows you to send and index data from external systems.

Why Integrate Proxus with Splunk?

Integrating Proxus with Splunk offers numerous benefits:

  • Real-time Monitoring: Create dashboards for immediate insights into device performance.
  • Advanced Analytics: Analyze device data to identify trends and anomalies.
  • Efficient Troubleshooting: Detect and resolve issues quickly.
  • Historical Data Analysis: Archive and search historical device data for long-term insights.

Preparing Splunk

Enabling HTTP Event Collector (HEC)

The HTTP Event Collector (HEC) is Splunk’s endpoint for receiving data.

1

Log in to Splunk

Log in to the Splunk web interface: http://<splunk-server-ip>

2

Navigate to Data Inputs

Go to Settings > Data Inputs > HTTP Event Collector.

3

Configure Global Settings

Click on Global Settings and ensure the following settings are enabled:

  • All Tokens: Enabled
  • SSL: Enabled (default). Configure a certificate if required.
4

Save Changes

Save the changes by clicking Save.

Creating a New HEC Token

Create a token to allow Proxus to send data to Splunk.

1

Create New Token

In the HTTP Event Collector page, click New Token.

2

Fill in Token Details

Fill in the following details:

  • Name: ProxusIntegration (Use a meaningful name.)
  • Allowed Indexes: Select the index (default: main).
  • Sourcetype: device_metrics (Define a sourcetype for JSON data.)
3

Copy Token

Copy the generated token. You’ll use this in the Proxus configuration.

Configuring Proxus

Defining a Splunk Outbound Channel

1

Log in to Proxus

Log in to the Proxus interface.

2

Navigate to Outbound Channels

Go to Integrations > Outbound Channels.

3

Create New Channel

Click the + New button.

4

Fill in Channel Details

Fill in the form with the following details:

  • Target Type: Splunk
  • Profile Name: Splunk (Choose a name.)
  • Description: Splunk Integration
  • Transport Strategy: Pass Through Strategy

Adding Splunk Parameters

1

Go to Parameters Tab

Go to the Parameters tab.

2

Add Key-Value Pairs

Add the following key-value pairs:

  • Key: Url Value: https://<splunk-server-ip>:8088/services/collector (Use https:// for SSL)
  • Key: Token Value: Paste your Splunk HEC Token here.
  • Key: UseAcknowledgment (Optional) Value: true (If Splunk HEC acknowledgment is required.)
3

Save Configuration

Save the configuration.

Sending Data to Splunk

Linking Splunk Profile to a Device

1

Navigate to Devices

Go to Data Management > Devices in Proxus.

2

Select Device

Select the device you want to send data from.

3

Go to Target Profiles

In the device details, go to the Target Profiles tab.

4

Add Splunk Profile

Add the Splunk profile:

  • Profile Name: Splunk
  • Target Type: Splunk
  • Transport Strategy: Pass Through Strategy

Verifying Data Transmission

1

Ensure Device is Active

Ensure the device’s Status is set to “Active.”

2

Verify Data Format

Verify the data includes valid key-value pairs:

Viewing Data in Splunk

Searching for Device Data

1

Navigate to Search & Reporting

Go to the Search & Reporting app in Splunk.

2

Run Search Query

Use the following query:

index="main" sourcetype="device_metrics"
3

Apply Filters (Optional)

Apply filters to narrow the search:

  • Specific device: index="main" sourcetype="device_metrics" deviceName="Energy"
  • Time-series data: index="main" sourcetype="device_metrics" | timechart avg(value) by deviceName

JSON Data Example

The JSON data sent from Proxus to Splunk may look like this:

{
  "event": {
    "deviceName": "Energy",
    "deviceId": 1,
    "key": "temperature",
    "value": 35.5,
    "timestamp": "2025-02-23T13:50:00Z"
  },
  "sourcetype": "device_metrics",
  "source": "ProxusIntegration",
  "host": "localhost"
}

Splunk will parse this JSON into fields:

FieldDescriptionExample
deviceNameThe device’s nameEnergy
deviceIdThe device’s unique identifier1
keyThe type of data senttemperature
valueThe value of the data35.5
timestampThe time of data collection2025-02-23...

Creating Dashboards in Splunk

Adding Panels to a Dashboard

1

Save Search as Dashboard Panel

After running a search query, click Save As > Dashboard Panel.

2

Create or Add to Dashboard

Create a new dashboard or add the panel to an existing one.

Example Dashboard Queries

  • Time-Series Graph:

    index="main" sourcetype="device_metrics" | timechart avg(value) by deviceName

  • Latest Device Data:

    index="main" sourcetype="device_metrics" | stats latest(value) by deviceName

  • Error Detection:

    index="main" sourcetype="device_metrics" key="Error"

Troubleshooting

Common Errors

Best Practices

  • Secure Token Management: Keep your Splunk HEC token private.
  • Data Validation: Ensure the device data matches the expected JSON format.
  • Monitoring: Regularly monitor Splunk dashboards and logs.

Conclusion

By following this guide, you have successfully integrated Proxus with Splunk, enabling you to send, visualize, and analyze device data for enhanced monitoring and troubleshooting.