Configure Lumeta for Splunk
First, configure Lumeta to export notifications to a Splunk server.
On your Lumeta Command Center, browse to Settings > Lumeta Systems.
In the CEF Notifications pane, on the Configuration tab, supply the host name or IP address of your Splunk server, the number of the port you want to communicate over (e.g., 9997) and protocol (e.g., TCP).
Create API Key
You will need an API key later, when configuring Lumeta input on your Splunk server.
To generate the API key:
- On your Lumeta Command Center, browse to Settings > Users.
- Select a username row and click Edit.
- On the API Key dropdown, select the Copy option.
The API key is copied to the clipboard.
- Paste the API key to a notepad file because you will need it later, when configuring Lumeta input on your Splunk server.
Installing Lumeta Plug-In on Splunk
1) The Lumeta Applications are in QA/ESI/INTEGRATIONS. There are two zip files
2) To install on splunk server
- Select the gear next to Apps
- In upper right corner, select install app from file
- Browse to TA-lumeta.zip and upload and click restart now when prompted
- log back in and repeat steps to upload and install lumeta-app.zip. Note you will not need to restart on the lumeta-app install
3) You Lumeta Apps will now appear on you Splunk Dashboard
- Log into Splunk.
- Click the Splunk > Enterprise logo on top left to display the Lumeta and Lumeta App for Splunk tabs.