CreateSplunkIntegrationInput
CreateSplunkIntegrationInput
CreateSplunkIntegrationInput
Create a Splunk SIEM integration with policies configured atomically
authMethod |
SplunkAuthMethod | Authentication method (default: Token) |
enabled |
Boolean | Enable the integration immediately (default: false) |
host |
String! | The hostname or IP address of the Splunk instance |
index |
String | The Splunk index containing CloudTrail events (default: aws_cloudtrail) |
password |
String | Splunk password (for Basic auth) |
pollingInterval |
Int | Polling interval in seconds (60-3600, default: 300) |
port |
Int | The REST API port (default: 8089) |
title |
String | Optional display name (defaults to the host) |
token |
String | Splunk API token (for Token auth) |
username |
String | Splunk username (for Basic auth) |
verifySsl |
Boolean | Enable SSL certificate verification (default: true) |