Splunk Integration with Proxus
Learn how to integrate Proxus with Splunk, send device data, and create useful dashboards for real-time monitoring and analysis.
Introduction
This document guides you through integrating Proxus with Splunk, a powerful data analytics platform. By connecting Proxus to Splunk, you can gain valuable insights from your device data through real-time monitoring and analysis.
What is Splunk?
Splunk is a data platform designed to collect, index, and analyze machine-generated data in real-time. It’s widely used for operational intelligence, monitoring, and troubleshooting. Splunk’s HTTP Event Collector (HEC) allows you to send and index data from external systems.
Why Integrate Proxus with Splunk?
Integrating Proxus with Splunk offers numerous benefits:
- Real-time Monitoring: Create dashboards for immediate insights into device performance.
- Advanced Analytics: Analyze device data to identify trends and anomalies.
- Efficient Troubleshooting: Detect and resolve issues quickly.
- Historical Data Analysis: Archive and search historical device data for long-term insights.
Preparing Splunk
Enabling HTTP Event Collector (HEC)
The HTTP Event Collector (HEC) is Splunk’s endpoint for receiving data.
Log in to Splunk
Log in to the Splunk web interface: http://<splunk-server-ip>
Navigate to Data Inputs
Go to Settings > Data Inputs > HTTP Event Collector.
Configure Global Settings
Click on Global Settings and ensure the following settings are enabled:
- All Tokens: Enabled
- SSL: Enabled (default). Configure a certificate if required.
Save Changes
Save the changes by clicking Save.
Creating a New HEC Token
Create a token to allow Proxus to send data to Splunk.
Create New Token
In the HTTP Event Collector page, click New Token.
Fill in Token Details
Fill in the following details:
- Name:
ProxusIntegration(Use a meaningful name.) - Allowed Indexes: Select the index (default:
main). - Sourcetype:
device_metrics(Define a sourcetype for JSON data.)
Copy Token
Copy the generated token. You’ll use this in the Proxus configuration.
Configuring Proxus
Defining a Splunk Outbound Channel
Log in to Proxus
Log in to the Proxus interface.
Navigate to Outbound Channels
Go to Integrations > Outbound Channels.
Create New Channel
Click the + New button.
Fill in Channel Details
Fill in the form with the following details:
- Target Type:
Splunk - Profile Name:
Splunk(Choose a name.) - Description:
Splunk Integration - Transport Strategy:
Pass Through Strategy
Adding Splunk Parameters
Go to Parameters Tab
Go to the Parameters tab.
Add Key-Value Pairs
Add the following key-value pairs:
Parameter Details
Parameter Details
URL
Token
UseAcknowledgment
- Key:
UrlValue:https://<splunk-server-ip>:8088/services/collector(Usehttps://for SSL) - Key:
TokenValue: Paste your Splunk HEC Token here. - Key:
UseAcknowledgment(Optional) Value:true(If Splunk HEC acknowledgment is required.)
Save Configuration
Save the configuration.
Sending Data to Splunk
Linking Splunk Profile to a Device
Navigate to Devices
Go to Data Management > Devices in Proxus.
Select Device
Select the device you want to send data from.
Go to Target Profiles
In the device details, go to the Target Profiles tab.
Add Splunk Profile
Add the Splunk profile:
- Profile Name:
Splunk - Target Type:
Splunk - Transport Strategy:
Pass Through Strategy
Verifying Data Transmission
Ensure Device is Active
Ensure the device’s Status is set to “Active.”
Verify Data Format
Verify the data includes valid key-value pairs:
Viewing Data in Splunk
Searching for Device Data
Navigate to Search & Reporting
Go to the Search & Reporting app in Splunk.
Run Search Query
Use the following query:
Apply Filters (Optional)
Apply filters to narrow the search:
- Specific device:
index="main" sourcetype="device_metrics" deviceName="Energy" - Time-series data:
index="main" sourcetype="device_metrics" | timechart avg(value) by deviceName
JSON Data Example
The JSON data sent from Proxus to Splunk may look like this:
Splunk will parse this JSON into fields:
| Field | Description | Example |
|---|---|---|
| deviceName | The device’s name | Energy |
| deviceId | The device’s unique identifier | 1 |
| key | The type of data sent | temperature |
| value | The value of the data | 35.5 |
| timestamp | The time of data collection | 2025-02-23... |
Creating Dashboards in Splunk
Adding Panels to a Dashboard
Save Search as Dashboard Panel
After running a search query, click Save As > Dashboard Panel.
Create or Add to Dashboard
Create a new dashboard or add the panel to an existing one.
Example Dashboard Queries
-
Time-Series Graph:
-
Latest Device Data:
-
Error Detection:
Troubleshooting
Common Errors
401 Unauthorized
401 Unauthorized
500 Internal Server Error
500 Internal Server Error
Cause: Splunk server issue. Solution: Check Splunk logs under Settings > Monitoring Console > Search Logs.
Best Practices
- Secure Token Management: Keep your Splunk HEC token private.
- Data Validation: Ensure the device data matches the expected JSON format.
- Monitoring: Regularly monitor Splunk dashboards and logs.
Conclusion
By following this guide, you have successfully integrated Proxus with Splunk, enabling you to send, visualize, and analyze device data for enhanced monitoring and troubleshooting.
Splunk Integration with Proxus
Learn how to integrate Proxus with Splunk, send device data, and create useful dashboards for real-time monitoring and analysis.
Introduction
This document guides you through integrating Proxus with Splunk, a powerful data analytics platform. By connecting Proxus to Splunk, you can gain valuable insights from your device data through real-time monitoring and analysis.
What is Splunk?
Splunk is a data platform designed to collect, index, and analyze machine-generated data in real-time. It’s widely used for operational intelligence, monitoring, and troubleshooting. Splunk’s HTTP Event Collector (HEC) allows you to send and index data from external systems.
Why Integrate Proxus with Splunk?
Integrating Proxus with Splunk offers numerous benefits:
- Real-time Monitoring: Create dashboards for immediate insights into device performance.
- Advanced Analytics: Analyze device data to identify trends and anomalies.
- Efficient Troubleshooting: Detect and resolve issues quickly.
- Historical Data Analysis: Archive and search historical device data for long-term insights.
Preparing Splunk
Enabling HTTP Event Collector (HEC)
The HTTP Event Collector (HEC) is Splunk’s endpoint for receiving data.
Log in to Splunk
Log in to the Splunk web interface: http://<splunk-server-ip>
Navigate to Data Inputs
Go to Settings > Data Inputs > HTTP Event Collector.
Configure Global Settings
Click on Global Settings and ensure the following settings are enabled:
- All Tokens: Enabled
- SSL: Enabled (default). Configure a certificate if required.
Save Changes
Save the changes by clicking Save.
Creating a New HEC Token
Create a token to allow Proxus to send data to Splunk.
Create New Token
In the HTTP Event Collector page, click New Token.
Fill in Token Details
Fill in the following details:
- Name:
ProxusIntegration(Use a meaningful name.) - Allowed Indexes: Select the index (default:
main). - Sourcetype:
device_metrics(Define a sourcetype for JSON data.)
Copy Token
Copy the generated token. You’ll use this in the Proxus configuration.
Configuring Proxus
Defining a Splunk Outbound Channel
Log in to Proxus
Log in to the Proxus interface.
Navigate to Outbound Channels
Go to Integrations > Outbound Channels.
Create New Channel
Click the + New button.
Fill in Channel Details
Fill in the form with the following details:
- Target Type:
Splunk - Profile Name:
Splunk(Choose a name.) - Description:
Splunk Integration - Transport Strategy:
Pass Through Strategy
Adding Splunk Parameters
Go to Parameters Tab
Go to the Parameters tab.
Add Key-Value Pairs
Add the following key-value pairs:
Parameter Details
Parameter Details
URL
Token
UseAcknowledgment
- Key:
UrlValue:https://<splunk-server-ip>:8088/services/collector(Usehttps://for SSL) - Key:
TokenValue: Paste your Splunk HEC Token here. - Key:
UseAcknowledgment(Optional) Value:true(If Splunk HEC acknowledgment is required.)
Save Configuration
Save the configuration.
Sending Data to Splunk
Linking Splunk Profile to a Device
Navigate to Devices
Go to Data Management > Devices in Proxus.
Select Device
Select the device you want to send data from.
Go to Target Profiles
In the device details, go to the Target Profiles tab.
Add Splunk Profile
Add the Splunk profile:
- Profile Name:
Splunk - Target Type:
Splunk - Transport Strategy:
Pass Through Strategy
Verifying Data Transmission
Ensure Device is Active
Ensure the device’s Status is set to “Active.”
Verify Data Format
Verify the data includes valid key-value pairs:
Viewing Data in Splunk
Searching for Device Data
Navigate to Search & Reporting
Go to the Search & Reporting app in Splunk.
Run Search Query
Use the following query:
Apply Filters (Optional)
Apply filters to narrow the search:
- Specific device:
index="main" sourcetype="device_metrics" deviceName="Energy" - Time-series data:
index="main" sourcetype="device_metrics" | timechart avg(value) by deviceName
JSON Data Example
The JSON data sent from Proxus to Splunk may look like this:
Splunk will parse this JSON into fields:
| Field | Description | Example |
|---|---|---|
| deviceName | The device’s name | Energy |
| deviceId | The device’s unique identifier | 1 |
| key | The type of data sent | temperature |
| value | The value of the data | 35.5 |
| timestamp | The time of data collection | 2025-02-23... |
Creating Dashboards in Splunk
Adding Panels to a Dashboard
Save Search as Dashboard Panel
After running a search query, click Save As > Dashboard Panel.
Create or Add to Dashboard
Create a new dashboard or add the panel to an existing one.
Example Dashboard Queries
-
Time-Series Graph:
-
Latest Device Data:
-
Error Detection:
Troubleshooting
Common Errors
401 Unauthorized
401 Unauthorized
500 Internal Server Error
500 Internal Server Error
Cause: Splunk server issue. Solution: Check Splunk logs under Settings > Monitoring Console > Search Logs.
Best Practices
- Secure Token Management: Keep your Splunk HEC token private.
- Data Validation: Ensure the device data matches the expected JSON format.
- Monitoring: Regularly monitor Splunk dashboards and logs.
Conclusion
By following this guide, you have successfully integrated Proxus with Splunk, enabling you to send, visualize, and analyze device data for enhanced monitoring and troubleshooting.