docs/components/modules/ROOT/pages/splunk-hec-component.adoc - camel - Git at Google

 [[splunk-hec-component]]
 = Splunk HEC Component
 //THIS FILE IS COPIED: EDIT THE SOURCE FILE:
 :page-source: components/camel-splunk-hec/src/main/docs/splunk-hec-component.adoc
 :docTitle: Splunk HEC
 :artifactId: camel-splunk-hec
 :description: The splunk component allows to publish events in Splunk using the HTTP Event Collector.
 :since: 3.3
 :supportLevel: Stable
 :component-header: Only producer is supported

 *Since Camel {since}*

 *{component-header}*

 The Splunk HEC component allows to send data to Splunk using the
 https://dev.splunk.com/enterprise/docs/dataapps/httpeventcollector/[HTTP Event Collector].

 Maven users will need to add the following dependency to their pom.xml
 for this component:

 [source,xml]
 ---------------------------------------------
  <dependency>
         <groupId>org.apache.camel</groupId>
         <artifactId>camel-splunk-hec</artifactId>
         <version>${camel-version}</version>
 </dependency>
 ---------------------------------------------

 == URI format

 [source,java]
 -------------------------------
   splunk-hec:[endpoint]/[token]?[options]
 -------------------------------


 // component options: START
 The Splunk HEC component supports 2 options, which are listed below.


 [width="100%",cols="2,5,^1,2",options="header"]
 |===
 | Name | Description | Default | Type
 | *lazyStartProducer* (producer) | Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel's routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing. | false | boolean
 | *basicPropertyBinding* (advanced) | Whether the component should use basic property binding (Camel 2.x) or the newer property binding with additional capabilities | false | boolean
 |===
 // component options: END


 // endpoint options: START
 The Splunk HEC endpoint is configured using URI syntax:

 ----
 splunk-hec:splunkURL/token
 ----

 with the following path and query parameters:

 === Path Parameters (2 parameters):


 [width="100%",cols="2,5,^1,2",options="header"]
 |===
 | Name | Description | Default | Type
 | *splunkURL* | *Required* Splunk Host URL |  | String
 | *token* | *Required* Splunk authorization token |  | String
 |===


 === Query Parameters (9 parameters):


 [width="100%",cols="2,5,^1,2",options="header"]
 |===
 | Name | Description | Default | Type
 | *host* (producer) | Splunk host. |  | String
 | *index* (producer) | Splunk index to write to | camel | String
 | *lazyStartProducer* (producer) | Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel's routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing. | false | boolean
 | *source* (producer) | Splunk source argument | camel | String
 | *sourceType* (producer) | Splunk sourcetype argument | camel | String
 | *basicPropertyBinding* (advanced) | Whether the endpoint should use basic property binding (Camel 2.x) or the newer property binding with additional capabilities | false | boolean
 | *synchronous* (advanced) | Sets whether synchronous processing should be strictly used, or Camel is allowed to use asynchronous processing (if supported). | false | boolean
 | *https* (security) | Contact HEC over https. | true | boolean
 | *skipTlsVerify* (security) | Splunk HEC TLS verification. | false | boolean
 |===
 // endpoint options: END

 == Message body
 The body must be serializable to JSON so it may be sent to Splunk.

 A `String` or a `java.util.Map` object can be serialized easily.

 == Use Cases
 The Splunk HEC endpoint may be used to stream data to Splunk for ingestion.

 It is meant for high volume ingestion of machine data.

 include::camel-spring-boot::page$splunk-starter.adoc[]
	[[splunk-hec-component]]
	= Splunk HEC Component
	//THIS FILE IS COPIED: EDIT THE SOURCE FILE:
	:page-source: components/camel-splunk-hec/src/main/docs/splunk-hec-component.adoc
	:docTitle: Splunk HEC
	:artifactId: camel-splunk-hec
	:description: The splunk component allows to publish events in Splunk using the HTTP Event Collector.
	:since: 3.3
	:supportLevel: Stable
	:component-header: Only producer is supported

	Since Camel {since}

	{component-header}

	The Splunk HEC component allows to send data to Splunk using the
	https://dev.splunk.com/enterprise/docs/dataapps/httpeventcollector/[HTTP Event Collector].

	Maven users will need to add the following dependency to their pom.xml
	for this component:

	[source,xml]
	---------------------------------------------
	<dependency>
	<groupId>org.apache.camel</groupId>
	<artifactId>camel-splunk-hec</artifactId>
	<version>${camel-version}</version>
	</dependency>
	---------------------------------------------

	== URI format

	[source,java]
	-------------------------------
	splunk-hec:[endpoint]/[token]?[options]
	-------------------------------


	// component options: START
	The Splunk HEC component supports 2 options, which are listed below.



	[width="100%",cols="2,5,^1,2",options="header"]
	\|===
	\| Name \| Description \| Default \| Type
	\| lazyStartProducer (producer) \| Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel's routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing. \| false \| boolean
	\| basicPropertyBinding (advanced) \| Whether the component should use basic property binding (Camel 2.x) or the newer property binding with additional capabilities \| false \| boolean
	\|===
	// component options: END



	// endpoint options: START
	The Splunk HEC endpoint is configured using URI syntax:

	----
	splunk-hec:splunkURL/token
	----

	with the following path and query parameters:

	=== Path Parameters (2 parameters):


	[width="100%",cols="2,5,^1,2",options="header"]
	\|===
	\| Name \| Description \| Default \| Type
	\| splunkURL \| Required Splunk Host URL \| \| String
	\| token \| Required Splunk authorization token \| \| String
	\|===


	=== Query Parameters (9 parameters):


	[width="100%",cols="2,5,^1,2",options="header"]
	\|===
	\| Name \| Description \| Default \| Type
	\| host (producer) \| Splunk host. \| \| String
	\| index (producer) \| Splunk index to write to \| camel \| String
	\| lazyStartProducer (producer) \| Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel's routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing. \| false \| boolean
	\| source (producer) \| Splunk source argument \| camel \| String
	\| sourceType (producer) \| Splunk sourcetype argument \| camel \| String
	\| basicPropertyBinding (advanced) \| Whether the endpoint should use basic property binding (Camel 2.x) or the newer property binding with additional capabilities \| false \| boolean
	\| synchronous (advanced) \| Sets whether synchronous processing should be strictly used, or Camel is allowed to use asynchronous processing (if supported). \| false \| boolean
	\| https (security) \| Contact HEC over https. \| true \| boolean
	\| skipTlsVerify (security) \| Splunk HEC TLS verification. \| false \| boolean
	\|===
	// endpoint options: END

	== Message body
	The body must be serializable to JSON so it may be sent to Splunk.

	A `String` or a `java.util.Map` object can be serialized easily.

	== Use Cases
	The Splunk HEC endpoint may be used to stream data to Splunk for ingestion.

	It is meant for high volume ingestion of machine data.

	include::camel-spring-boot::page$splunk-starter.adoc[]