splunk_upload

Plugin

| Arg | Description | Type |
|---|---|---|
| query | Source for rows to upload. | StoredQuery (required) |
| threads | How many threads to use. | int64 |
| url | The Splunk Event Collector URL. | string |
| token | Splunk HEC Token. | string |
| index | The name of the index to upload to. | string (required) |
| source | The source field for Splunk. If not specified this will be ‘velociraptor’. | string |
| sourcetype | The sourcetype field for Splunk. If not specified this will be ‘vql’. | string |
| chunk_size | The number of rows to send at a time. | int64 |
| skip_verify | Skip SSL verification (default: False). | bool |
| root_ca | As a better alternative to disable_ssl_security, allows root CA certs to be added here. | string |
| wait_time | Batch Splunk uploads for this long (2 sec). | int64 |

Description

Upload rows to Splunk.
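
An added usage example (not from the original page or the Velociraptor project) that forwards rows to a HEC endpoint while keeping certificate verification on, trusting a private CA through root_ca instead of setting skip_verify. The URL, token, index name and CA file path are constructed placeholders, and it assumes root_ca takes the PEM text of the certificate.

```vql
-- Constructed placeholders: replace with your own HEC endpoint and token.
LET hec_url = "https://splunk.example.internal:8088/services/collector"
LET hec_token = "00000000-0000-0000-0000-000000000000"

-- Assumption: root_ca expects the PEM text of the CA certificate,
-- so the file (hypothetical path) is read into a string first.
LET ca_pem <= read_file(filename="/etc/velociraptor/splunk-ca.pem")

-- Any stored query can be the row source; info() is used here
-- only as a small, self-contained one.
LET rows = SELECT Hostname, OS, Architecture FROM info()

SELECT * FROM splunk_upload(
    query=rows,
    url=hec_url,
    token=hec_token,
    index="velociraptor",   -- required
    sourcetype="vql",
    chunk_size=500,         -- rows sent per request
    wait_time=2,            -- seconds to batch before sending
    threads=2,
    root_ca=ca_pem,         -- trust the private CA ...
    skip_verify=FALSE)      -- ... and keep TLS verification enabled
```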
