R12 Publication-2025July16
Set up API Server
Create a Splunk API Server:
Pre-requisites
Application Version
Application | Version |
---|---|
Splunk Enterprise | 7.3.0 (or newer) |
Network Connectivity
Client | Server | Protocol |
---|---|---|
NetBrain Front Server | Splunk Enterprise, Port 8089 | HTTPS |
User Account and Privileges
Application | User Account | Required Role Assignment(s) |
---|---|---|
NetBrain | Required | System Admin |
Splunk Enterprise | Required | Sufficient access to the expected Apps and Sources (or higher) |
Create Splunk API Server Connection
![]() |
Note: If the environment has been deployed with multiple Front Servers, repeat this section for each of the Front Servers. |
- Using a web browser, login to the NetBrain Desktop UI using the System Admin credentials.
- http://<NetBrain Web Server IP>
- Navigate to the NetBrain API Server Manager.
- Domain Management > API Server Manager
- In the API Server Manager screen, click Add.
- Complete the Add API Server dialog screen as follows:
- Server Name: Splunk API Server <Front Server>
- Description: Splunk
- API Source Type: "Splunk API Adapter"
- Endpoint: Splunk instance endpoint (ex "https://192.168.28.253:8089")
- Username: Splunk account's username
- Password: Splunk password
- Front Server/Front Server Group: Select FS/FSG which would have reachability to Splunk Enterprise server
- Click Managed Devices: 0 to assign Splunk Search enabled devices to this API Server.
- Click + Device.
- Select "Device Type" radio button.
- Select All Device Types.
- Click ">>", then click OK two times to save the device assignment.
- Click Test to initiate a connectivity test between the NetBrain front server and the Splunk Enterprise instance configured. Pictures below are the results of a successful connectivity test followed by two typical failure scenarios: Incorrect credentials and connectivity between NetBrain and Splunk Enterprise.
Test Results
| Screenshots |
---|---|
Successful Connection | ![]() |
Error Scenario: The entered credentials are incorrect. Possible Resolution: Confirm credentials specified in the Splunk API Server configuration and retry. | ![]() |
Error Scenario: Splunk Enterprise endpoint is unreachable. Possible Resolution: Confirm that the NetBrain Front Server(s) can reach the Splunk Enterprise platform on Port 8089 via HTTPs | ![]() |