Skip to content

About BlueFletch Enterprise

Portal
Portal
- Overview
- User Guide
  User Guide
  - Navigating the Portal
    Navigating the Portal
    
    Login & Logout
    
    Account Settings
  - Support Agent
    Support Agent
    
    Home
    
    Device Details
    
    Dashboards
    
    Cards
    
    Event Explorer
    
    Reports
  - Enterprise Launcher
    Enterprise Launcher
    
    Creating A Configuration
    
    Sending A Notification
    
    Managing Sites
  - Playbook MDM
    Playbook MDM
    
    Playbooks
    
    Plays
    
    Devices
    
    Deployment Groups
    
    Zebra StageNow
  - EMM Console
    EMM Console
    
    Overview
    
    Setup
    Setup
    
    Enroll Org in EMM
    
    Policy Management
    
    Provisioning
    
    Device Management
    
    Installing Playbook in EMM
    
    Troubleshooting
    Troubleshooting
    
    Device Issues
    
    Policy Issues
  - Chat Manager
    Chat Manager
    
    Overview
    
    Chat Roles
    
    Chat Channels
    
    Message Logs
  - Admin
    Admin
    
    Organization
    
    Single Sign On
    Single Sign On
    
    Portal Setup
    
    G Suite Setup
    
    Okta Setup
    
    Users
    
    Roles
    Roles
    
    Overview
    
    Predefined Roles
    
    Permissions
    
    Manage Roles
    
    Downloads
    
    Agents
    
    Key Management
    Key Management
    
    Overview
    
    API Keys
    
    Device Keys
    
    Enterprise
    
    Audit Logs
  - Event Forwarding
  - Remote Control
- Release Notes
Device Applications
Device Applications
- Launcher
  Launcher
- Authentication
  Authentication
  - Overview
  - Configurations
  - Features
    Features
    
    Secondary Authentication
  - Release Notes
- Support Application
  Support Application
  - Overview
  - Configurations
  - Features
    Features
    
    Events to Splunk Events to Splunk
    Table of contents
    
    Overview
    
    Configuration
    
    Feature Introduced
    
    Logs to Azure
    
    External Configurations
    
    Usage History Event
  - Events
    Events
    
    Event Information
    
    Event Examples
  - Support Installer
  - Release Notes
- Messaging
  Messaging
- Playbook Agent
  Playbook Agent
- Device Finder
  Device Finder
- Keyboard
  Keyboard
  - Overview
  - Release Notes
- Browser
  Browser
  - Overview
  - Release Notes
- Bluetooth
  Bluetooth
  - Overview
  - Release Notes
- BlueFletch Chat
  BlueFletch Chat
- BlueFletch Voice Chat
  BlueFletch Voice Chat
- Device Remote Control
  Device Remote Control
  - Overview
  - Release Notes
- Device ID
  Device ID
  - Overview
  - Release Notes
- Suite Installer
  Suite Installer
  - Overview
  - Release Notes
Deploying Applications
Deploying Applications

Feature: Events to Splunk

Overview

The Support Application provides a method of sending events directly to Splunk from the device. The desired Splunk instance will need to support the HTTP Event Collection endpoint.

Configuration

Basic configuration values needed:

ignoreSSLCerts - set to True, to bypass SSL Cert issues with Splunk
splunkUrl - The Splunk Host / Port to send event data
splunkAuthToken - HEC authorization token
splunkApiPath - collector path, typically services/collector/raw

Example:

{
      ...
    "emsSupportTool" : {
        ...
        "ignoreSSLCerts": true,
        "splunkUrl": "https://input-prd-p-xq37wf7l8c7l.cloud.splunk.com:8088",
        "splunkAuthToken": "adkkdkd-043c-4936-8f1b-1askldsakl",
        "splunkApiPath" : "services/collector/raw",
    }
     ...
}

Feature Introduced

Feature introduced in Support Application 5.4.4.