Splunk


The splunk integration makes it possible to log all state changes to an external Splunk database using Splunk’s HTTP Event Collector (HEC) feature. You can either use this alone, or with the Home Assistant for Splunk app. Since the HEC feature is new to Splunk, you will need to use at least version 6.3.

Configuration

To use the splunk integration in your installation, add the following to your configuration.yaml file:

# Example configuration.yaml entry
splunk:
  token: YOUR_SPLUNK_TOKEN

Configuration Variables

tokenstringRequired

The HTTP Event Collector Token already created in your Splunk instance.

hoststring(Optional, default: localhost)

IP address or host name of your Splunk host, e.g., 192.168.1.10.

portinteger(Optional, default: 8080)

Port to use.

sslboolean(Optional, default: false)

Use HTTPS instead of HTTP to connect.

verify_sslboolean(Optional, default: false)

Allows you do disable checking of the SSL certificate.

namestring(Optional, default: HASS)

This parameter allows you to specify a friendly name to send to Splunk as the host, instead of using the name of the HEC.

filtermap(Optional)

Filters for entities to be included/excluded from Splunk. Default is to include all entities. (Configure Filter)

include_domainslist(Optional)

Domains to be included.

include_entity_globslist(Optional)

Include all entities matching a listed pattern (e.g., sensor.weather_*).

include_entitieslist(Optional)

Entities to be included.

exclude_domainslist(Optional)

Domains to be excluded.

exclude_entity_globslist(Optional)

Exclude all entities matching a listed pattern (e.g., sensor.weather_*).

exclude_entitieslist(Optional)

Entities to be excluded.

Configure Filter

By default, no entity will be excluded. To limit which entities are being exposed to Splunk, you can use the filter parameter.

# Example filter to include specified domains and exclude specified entities
splunk:
  token: YOUR_SPLUNK_TOKEN
  filter:
    include_domains:
      - alarm_control_panel
      - light
    include_entity_globs:
      - binary_sensor.*_occupancy
    exclude_entities:
      - light.kitchen_light

Filters are applied as follows:

  1. No includes or excludes - pass all entities
  2. Includes, no excludes - only include specified entities
  3. Excludes, no includes - only exclude specified entities
  4. Both includes and excludes:
    • Include domain and/or glob patterns specified
      • If domain is included, and entity not excluded or match exclude glob pattern, pass
      • If entity matches include glob pattern, and entity does not match any exclude criteria (domain, glob pattern or listed), pass
      • If domain is not included, glob pattern does not match, and entity not included, fail
    • Exclude domain and/or glob patterns specified and include does not list domains or glob patterns
      • If domain is excluded and entity not included, fail
      • If entity matches exclude glob pattern and entity not included, fail
      • If entity does not match any exclude criteria (domain, glob pattern or listed), pass
    • Neither include or exclude specifies domains or glob patterns
      • If entity is included, pass (as #2 above)
      • If entity include and exclude, the entity exclude is ignored