(Only available for Splunk Enterprise)
Download/Install/Configure Splunk Enterprise
Download/Install/Configure Splunk REST API Modular Input v1.4
This is a Splunk Modular Input for polling REST APIs and indexing the responses.
Supported on Windows, Linux, MacOS, Solaris, FreeBSD, HP-UX, AIX
Any modular input log errors will get written to $SPLUNK_HOME/var/log/splunk/splunkd.log
You are using Splunk 5+?
Look for any errors in $SPLUNK_HOME/var/log/splunk/splunkd.log?
Any firewalls blocking outgoing HTTP calls?
Are your REST URL, headers, url arguments correct?
Is your authentication setup correctly?
1. Create app token for calling TeamViewer API
2. Please review TeamViewer’s API documentation page for further requests: https://integrate.teamviewer.com/en/develop/api/documentation/
3. Reviewing the results
Following feedback from some of our great users, we would like to share that since Splunk may truncate the connection report JSON, it is advisable to limit the connection report to a specific time period.
The timestamp format is YYY-MM-DDTHH:MM:SSZ . An example connection report request URL with time constraints would be https://webapi.teamviewer.com/api/v1/reports/connections?from_date=2019-01-31T19:20:30Z&to_date=2019...
More information about the TeamViewer Reporting API parameters can be found at https://www.teamviewer.com/en/integrations/reporting/ .