How to add a Splunk provider
A Connect edition license (or above) is required for this feature. To upgrade please contact firstname.lastname@example.org.
What are Integrations?
Dashboard Server Integrations allow you to create your own providers. Each Integration has its own form to help you input the information required for different providers.
What is a provider?
Providers contain the connection details to external platforms. A provider only needs to be set up once and can then be used when creating tiles on a dashboard.
There are two types of integrations and therefore providers:
generic Web API providers that can connect to any REST API
dedicated providers that connect to a specific external platform or database (SQL, ServiceNow, Azure Active App Insights, Elasticsearch, etc.)
About Splunk providers
A Splunk provider is a dedicated provider that contains the connection details to your Splunk instance. You need to create a Splunk provider before you can use Spunk tiles.
When you are creating a Splunk provider, make sure that the SquaredUp server has access to your Splunk instance, since it is the server that connects to Splunk, and not your users' browser.
Adding a Splunk provider
Log on to Dashboard Serverand navigate to the right-hand menu ☰ > system > Integrations
Under Integrations, click Splunk.
Enter the required data:
instance name: Enter a name for the integration. This name will be shown in the select provider drop-down in the Splunk tiles.
url: Enter the URL to your Splunk instance in the format
Note: The port number 8089 is the Splunk API port which is different to the port used when browsing Splunk normally, which would be port 8000.
username and password:
If you are using a Splunk user account: Enter the username and password of the Splunk user account you want to use for authentication. The credentials will be Base64 encoded automatically.
If you are using Splunk with Windows authentication: Leave username and password blank. You need to log in to Splunk and add the Dashboard Server application pool account (meaning the Dashboard Server application pool identity) to the list of authorized users. If the app pool identity is not a user account, you need to add the computer account as a user to Splunk. For more info, see How to check and modify the application pool identity.
Note: The user account you choose here affects the available search templates
Which templates are available in a Splunk tile depends on the permissions of the Splunk user account that is used in the configuration of the Splunk provider. Any search queries that this user can access in Splunk (for example, queries in saved searches, Splunk reports, dashboards, etc.) are visible as templates in Splunk tiles. For example, if you used Splunk User A for the configuration of Splunk provider A, a Splunk tile that uses Splunk provider A will show all templates that are visible to Splunk User A in Splunk.
ignore invalid ssl: Turn the on/off switch to on if you are using a self-signed certificate.
The integration is now saved and can be used as a provider in Splunk tiles.