Splunk credentials

You can use these credentials to authenticate the following nodes:

• Splunk

Prerequisites

• Download and install Splunk Enterprise.
• Enable token authentication in Settings > Tokens.

Free trial Splunk Cloud Platform accounts can't access the REST API

Free trial Splunk Cloud Platform accounts don't have access to the REST API. Ensure you have the necessary permissions. Refer to Access requirements and limitations for the Splunk Cloud Platform REST API for more details.

Supported authentication methods

• API auth token

Related resources

Refer to Splunk's Enterprise API documentation for more information about the service.

Using API auth token

To configure this credential, you'll need:

• An Auth Token: Once you've enabled token authentication, create an auth token in Settings > Tokens. Refer to Creating authentication tokens for more information.
• A Base URL: For your Splunk instance. This should include the protocol, domain, and port, for example: https://localhost:8089.
• Allow Self-Signed Certificates: If turned on, n8n will connect even if SSL validation fails.

Required capabilities

Your Splunk platform account and role must have certain capabilities to create authentication tokens:

• edit_tokens_own: Required if you want to create tokens for yourself.
• edit_tokens_all: Required if you want to create tokens for any user on the instance.

Refer to Define roles on the Splunk platform with capabilities for more information.