Splunk® Connect for Zoom

Install and Administer Splunk Connect for Zoom

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Install Splunk Connect for Zoom on a single instance Splunk Enterprise deployment

In a single-instance Splunk Enterprise deployment, your Splunk Enterprise instance serves as a receiver, an indexer, and a search head.

To get data from your data source into your Splunk Enterprise instance, configure a receiver and a forwarder. The receiver is your Splunk Enterprise instance. You install the forwarder on your data host to send data to the receiver.

Enable a receiver using Splunk Web

  1. Log into the receiver as an Admin.
  2. Click Settings > Forwarding and receiving.
  3. For Configure receiving, click Add new.
  4. You can use the netstat tool to determine what ports are available on your system. Make sure that Splunk Web or splunkd is not using the port you select.
  5. Specify the TCP port you want to make the receiving port.
  6. Click Save. The Splunk software begins to receive incoming data on the port you specified.
  7. Restart the Splunk software.


Install on a single instance Splunk platform deployment

  1. Download Splunk Connect for Zoom from Splunkbase.
  2. Place the resulting download folder in the $SPLUNK_HOME/etc/apps directory on your heavy forwarder.
  3. Extract the Splunk Connect for Zoom.
  4. Restart the heavy forwarder using the command splunk restart.

Configure inputs on a single instance Splunk platform deployment

Configure Splunk Connect for Zoom to receive data from your Zoom deployment.

Configure a Zoom webhook input

Configure a Zoom webhook input to connect your Splunk platform deployment to your Zoom platform deployment.

  1. In Splunk Web, navigate to Settings > Data Inputs.
  2. Navigate to the Zoom input, and click Add New
  3. Use the following table to fill in the fields. Change fields to fit the parameters of your environment.
    Parameter Value
    Name Zoom
    Port 4443
    SSL Certificate File etc/auth/splunkweb/cert.pem
    SSL Certificate Key File etc/auth/splunkweb/privkey.pem
    Set sourcetype Manual
    Sourcetype zoom:webhook
    Host <Leave as is>
    Index zoom
  4. Click Next.
  5. Click Done.


Configure Zoom to send data

Configure your Zoom deployment to collect and send data to your Splunk platform deployment.


Create Zoom Webhook Only App

Create a Zoom Webhook Only App.

  1. Navigate to marketplace.zoom.us/ and log in to your Zoom account
  2. Click Develop > Build App
  3. Follow the steps to create a Webhook Only App
  4. Fill in the following App Information:
    • App Name
    • Short Description
    • Company Name
    • Developer Name
    • Developer Email Address
  5. Click Continue.
  6. Enable Event Subscriptions.
  7. Click the Add new event subscription button.
  8. Enter the following information:
  9. Click the Add events button.
  10. Subscribe to any Webhook Events you want. See the Zoom Webhook Reference page for more information.
  11. Click Save.
  12. Click Continue.
  13. Activate the Webhook Only App
Last modified on 08 September, 2020
PREVIOUS
Install Splunk Connect for Zoom on a distributed Splunk Enterprise deployment 		  NEXT
Upgrade Splunk Connect for Zoom

This documentation applies to the following versions of Splunk® Connect for Zoom: 1.0.1

Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters