Before you begin, please be aware the Splunk data push works well, but has a different retry mechanism than the other destinations. As a result, the Splunk data push does not go into the error state if there is an error. It will always show as running in the UXI dashboard whether it is successful or not. The Splunk integration is available for Beta testing and you can request to join the beta through support.
Data Push Destinations - Splunk (Beta)
Selecting the Splunk destination will send your test result data or issue data to your Splunk database. Each test result or issue will be represented as an event in Splunk. The data is sent from the UXI VPC located in AWS US-WEST-2. It is recommended to use either the Splunk cloud, Splunk AMI on AWS or other cloud provider. If your Splunk is on prem, it would require you to route the traffic accordingly. This integration has only been tested Splunk on 9.0.0, but should work on version 7.1 or better.
The UXI data push makes use of the Splunk HTTP Event Collector (HEC).
To get started, navigate to Settings -> Data Inputs.
Select HTTP Event Collector and select Add New.
On the next page, select New Token.
Give the token a name and check the box for "Enable Index Acknowledgment". Keep all other default settings.
On the Input Settings, you may choose to create a new index or add data to an index. In this example we created a new index for events called “uxi”. Note the index you use, as you will need it later.
Review the settings, when finished click Submit.
On the next page you will be shown the token. Copy this down.
Next go to the UXI Dashboard. Open Settings -> Integrations.
Under Data Push Destinations select Add Destination.
Configure the data push for your Splunk database.
Data Type: Test Results or Issues
Destination Type: Splunk
Name: Give this integration a friendly name
URL: Enter the Splunk public URL
Port: Enter the Splunk HEC port. Usually, the Splunk HEC runs on port 8088
Index: Specify the index used for the Splunk HEC token.
Token: Paste the Splunk HEC token
Wait a few minutes to ensure the data push destination remains in a running state. You should then be able to search your data in Splunk.