Configure Lumeta for Splunk
First, configure Lumeta to export notifications to a Splunk server.
On your Lumeta Command Center, browse to Settings > Lumeta Systems.
In the CEF Notifications pane, on the Configuration tab, supply the host name or IP address of your Splunk server, the number of the port you want to communicate over (e.g., 9997) and protocol (e.g., TCP).
Create API Key
You will need an API key later, when configuring Lumeta input on your Splunk server. Generate one using this procedure.
To generate the API key:
Installing the Lumeta Plug-In on Splunk
- Download these two zipped application files to your local system:
- Unzip them.
- Log in to your Splunk server.
- Select the Manage Apps (gear) icon.
- In the upper right corner, click Install App from File.
- Browse to TA-lumeta.? and upload it.
- When prompted, click Restart Now.
- Repeat steps 3 - 6, this time with lumeta-app.? You will not need to restart the system with lumeta-app upload.
Lumeta Apps display on the Splunk Dashboard.
Configuring Lumeta in Splunk