Splunk Apps » Webhooks Input

h1. How to Set up an Incoming Webhook from IFTTT

You can use IFTTT to push data to your Splunk install via a Webhook. Here is how you do it:

h2. Step 1: Create Input in Splunk

Create a webhook in Splunk if you have not done so already.

h2. Step 2: Configure Maker Channel in IFTTT (an outgoing Webhook)

Use the Maker channel in IFTTT to push data to your Splunk install. To do this, make a new applet with a "then" action that executes a webhook.

Here are some details on how to set this up:

# Make sure the URL is to your Splunk install and uses the port you set when you created the Webhook input

# You can pass the data via the URL (e.g. _https://webhook.mysplunkinstall.net/ifttt/splunk_news?title={{EntryTitle}}&url={{EntryUrl}}_)

# You can also pass data in the body. To do so set the following:

## Make sure the method is a POST

## You can send structured data (that is, field/values pairs) that will be automatically parsed into Splunk by sending JSON. To do this, use the content type is "application/JSON". Otherwise, use "plain/text" if you just want the data ingested as text.

## If you chose "application/JSON" format, then make sure the data you entered into the "Body" field is valid JSON. You can do this by entering the body at http://jsonparseronline.com/ and ensuring it is indicated as valid.

Below is an example of sending an RSS feed to Splunk:

!ifttt_example.png!