Configuration Reference for Splunk S2S Source Connector for Confluent Platform
To use this connector, specify the name of the connector class in the connector.class
configuration property.
connector.class=io.confluent.connect.splunk.s2s.SplunkS2SSourceConnector
Connector-specific configuration properties are described below.
Connection
kafka.topic
The name of the Kafka topic to publish Splunk S2S events to. Only a single topic can be specified.
Type: string
Default: splunk-s2s-events
Importance: high
splunk.s2s.port
The port to listen on.
Type: int
Default: 9997
Valid Values: [1,…]
Importance: high
splunk.s2s.compression.enable
Enable compression for communication between the connector and Splunk forwarders. The connector supports only native Splunk compression–that is, the
compressed=true
setting. It does not support theuseClientSSLCompression
setting provided by Splunk. Be sure to configurecompressed=true
on forwarders before setting thesplunk.s2s.compression.enable
configuration property totrue
.Type: boolean
Default: false
Importance: low
SSL
splunk.s2s.ssl.enable
Enables SSL for communication between the connector and Splunk forwarder. The SSL option of the forwarder must be set correspondingly.
Type: boolean
Default: false
Importance: low
splunk.s2s.ssl.key.path
Path to a
PKCS#8
private key file in PEM format.Type: string
Default: “”
Importance: low
splunk.s2s.ssl.cert.chain.path
Path to X.509 cert chain file in PEM format.
Type: string
Default: “”
Importance: low
splunk.s2s.ssl.key.password
The password of the key file (
splunk.s2s.ssl.key.path
). Blank if it’s not password-protected.Type: password
Default: “”
Importance: low
splunk.s2s.ssl.client.auth.enable
Enable client authentication in SSL communication between the connector and Splunk UF. Forwarders need to have the SSL options set correspondingly. SSL Connection should be enabled before enabling SSL client authentication.
Type: boolean
Default: false
Importance: low
splunk.s2s.ssl.root.ca.cert.chain.path
Path to X.509 root CA certificate chain file in PEM format to verify client certificate when client authentication is enabled in SSL Communication.
Type: string
Default: “”
Importance: low
splunk.s2s.ssl.cn.list
List of common names (CN) to verify the client certificate when client authentication is enabled in SSL Communication. Entries in the CN list should be separated by commas.
Type: List
Default: “”
Importance: low
Netty
splunk.s2s.netty.trace.enabled
Flag to enable trace logging at the Netty level. This will dump anything that comes into the connector to the log.
Type: boolean
Default: false
Importance: low
splunk.s2s.netty.worker.threads
The number of worker threads for the worker group that processes incoming messages.
Type: int
Default: 16
Importance: low
splunk.s2s.netty.backlog.size
The maximum queue length for incoming connection requests. The connection request is refused if the request it arrives when the queue is full.
Type: int
Default: 1000
Importance: low
splunk.s2s.netty.receive.buffer.bytes
Size of the buffer the kernel allocates to hold the data arriving into the given socket.
Type: int
Default: 256000
Importance: low
Event Buffer
splunk.s2s.buffer.capacity
The maximum number of records to buffer in the connector. This queue is used as an intermediate before data is written to Kafka.
Type: int
Default: 50000
Valid Values: [100,…,1000000]
Importance: low
splunk.s2s.buffer.batch.size
The number of records to try and retrieve from the buffer.
Type: int
Default: 1000
Valid Values: [100,…,1000000]
Importance: low
splunk.s2s.buffer.empty.wait.ms
The number of milliseconds to wait if there are no messages in the buffer.
Type: int
Default: 100
Valid Values: [10,…]
Importance: low
splunk.s2s.buffer.full.timeout.ms
The number of milliseconds to wait for space to become available in the buffer before timing out.
Type: int
Default: 60000
Valid Values: [100,…]
Importance: low
Parsing
splunk.s2s.sourcetypes
Source types to use while parsing Splunk S2S events.
Type: list
Default: “”
Importance: low
splunk.s2s.headers.metadata
Specify the location of the metadata fields.
Type: string
Default: body
Valid Values: [body, headers]
Importance: low
splunk.s2s.headers.event.raw
This setting specifies whether events should be written in raw format or JSON format. The default value is false. If set to true, events will be written to kafka in raw format. Note this setting is only applicable if Location of the metadata fields(
splunk.s2s.headers.metadata
) is set to headers.Type: boolean
Default: false
Importance: low
splunk.s2s.auto.timestamp.generation
This setting specifies whether events should be assigned a timestamp if not already included. The default value is true. When enabled, current timestamp will be added to events that do not have one in the payload.”
Type: boolean
Default: true
Importance: low
splunk.s2s.record.format
This setting specifies the format of the record being stored in Kafka. Note that this configuration is applicable only when
splunk.s2s.headers.metadata
is set to body.Type: string
Default: default
Valid Values: one of [default, hec]
Importance: low
Error Handling
splunk.s2s.behavior.on.error
The error handling behavior for Splunk S2S Source connector must be set to one of the following parameters:
fail
Throws ConnectException and stops the connector in case of an error.ignore
Continues to process next set of records.log
Logs the error message in the connector logs and continues processing.Type: string
Default: log
Valid Values: [fail, ignore, log]
Importance: low
At least once delivery
splunk.s2s.enable.ack
Enable Splunk S2S support for acknowledging events sent by the forwarder. Be sure to configure
useACK=true
on forwarders before setting thesplunk.s2s.enable.ack
configuration property totrue
.Type: boolean
Default: false
Importance: low
splunk.s2s.ack.interval.ms
The interval at which acknowledgements are sent to forwarders. This is applicable only when
splunk.s2s.enable.ack
is set totrue
.Type: int
Default: 10 ms
Valid Values: [5, …, 240000]
Importance: low
Auto Topic Creation
For more information about auto topic creation, see Configuring Auto Topic Creation for Source Connectors.
Configuration properties accept regular expressions (regex) that are defined as Java regex.
topic.creation.groups
A list of group aliases that are used to define per-group topic configurations for matching topics. A
default
group always exists and matches all topics.Type: List of String types
Default: empty
Possible Values: The values of this property refer to any additional groups. A
default
group is always defined for topic configurations.
topic.creation.$alias.replication.factor
The replication factor for new topics created by the connector. This value must not be larger than the number of brokers in the Kafka cluster. If this value is larger than the number of Kafka brokers, an error occurs when the connector attempts to create a topic. This is a required property for the
default
group. This property is optional for any other group defined intopic.creation.groups
. Other groups use the Kafka broker default value.Type: int
Default: n/a
Possible Values:
>= 1
for a specific valid value or-1
to use the Kafka broker’s default value.
topic.creation.$alias.partitions
The number of topic partitions created by this connector. This is a required property for the
default
group. This property is optional for any other group defined intopic.creation.groups
. Other groups use the Kafka broker default value.Type: int
Default: n/a
Possible Values:
>= 1
for a specific valid value or-1
to use the Kafka broker’s default value.
topic.creation.$alias.include
A list of strings that represent regular expressions that match topic names. This list is used to include topics with matching values, and apply this group’s specific configuration to the matching topics.
$alias
applies to any group defined intopic.creation.groups
. This property does not apply to thedefault
group.Type: List of String types
Default: empty
Possible Values: Comma-separated list of exact topic names or regular expressions.
topic.creation.$alias.exclude
A list of strings representing regular expressions that match topic names. This list is used to exclude topics with matching values from getting the group’s specfic configuration.
$alias
applies to any group defined intopic.creation.groups
. This property does not apply to thedefault
group. Note that exclusion rules override any inclusion rules for topics.Type: List of String types
Default: empty
Possible Values: Comma-separated list of exact topic names or regular expressions.
topic.creation.$alias.${kafkaTopicSpecificConfigName}
Any of the Changing Broker Configurations Dynamically for the version of the Kafka broker where the records will be written. The broker’s topic-level configuration value is used if the configuration is not specified for the rule.
$alias
applies to thedefault
group as well as any group defined intopic.creation.groups
.Type: property values
Default: Kafka broker value
CSFLE configuration
csfle.enabled
Accepts a boolean value. CSFLE is enabled for the connector if csfle.enabled
is set to True.
Type: boolean
Default: False
auto.register.schemas
Specifies if the Serializer should attempt to register the Schema with Schema Registry.
Type: boolean
Default: true
Importance: medium
use.latest.version
Only applies when auto.register.schemas
is set to false. If auto.register.schemas
is set to false and use.latest.version
is set to true, then instead of deriving a schema for the object passed to the client for serialization, Schema Registry uses the latest version of the schema in the subject for serialization.
Type: boolean
Default: true
Importance: medium
Confluent Platform license
confluent.topic.bootstrap.servers
A list of host/port pairs to use for establishing the initial connection to the Kafka cluster used for licensing. All servers in the cluster will be discovered from the initial connection. This list should be in the form
host1:port1,host2:port2,...
. Because these servers are used for the initial connection to discover the full cluster membership (which may change dynamically), this list doesn’t need to contain the full set of servers–although, you may need more than one in case a server is down.Type: list
Importance: high
confluent.topic
Name of the Kafka topic used for Confluent Platform configuration, including licensing information.
Type: string
Default: _confluent-command
Importance: low
confluent.topic.replication.factor
The replication factor for the Kafka topic used for Confluent Platform configuration, including licensing information. This is used only if the topic doesn’t already exist, and the default value of 3 is appropriate for production use. If you are using a development environment with less than 3 brokers, you must set this property to the number of brokers (often 1).
Type: int
Default: 3
Importance: low
Confluent license properties
You can put license-related properties in the connector configuration, or starting with Confluent Platform version 6.0, you can put license-related properties in the Connect worker configuration instead of in each connector configuration.
This connector is proprietary and requires a license. The license information is stored in the _confluent-command
topic. If the broker requires SSL for connections, you must include the security-related confluent.topic.*
properties
as described below.
confluent.license
Confluent issues enterprise license keys to each subscriber. The license key is text that you can copy and paste as the value for
confluent.license
. A trial license allows using the connector for a 30-day trial period. A developer license allows using the connector indefinitely for single-broker development environments.If you are a subscriber, contact Confluent Support for more information.
Type: string
Default: “”
Valid Values: Confluent Platform license
Importance: high
confluent.topic.ssl.truststore.location
The location of the trust store file.
Type: string
Default: null
Importance: high
confluent.topic.ssl.truststore.password
The password for the trust store file. If a password is not set access to the truststore is still available, but integrity checking is disabled.
Type: password
Default: null
Importance: high
confluent.topic.ssl.keystore.location
The location of the key store file. This is optional for client and can be used for two-way authentication for client.
Type: string
Default: null
Importance: high
confluent.topic.ssl.keystore.password
The store password for the key store file. This is optional for client and only needed if ssl.keystore.location is configured.
Type: password
Default: null
Importance: high
confluent.topic.ssl.key.password
The password of the private key in the key store file. This is optional for client.
Type: password
Default: null
Importance: high
confluent.topic.security.protocol
Protocol used to communicate with brokers. Valid values are: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL.
Type: string
Default: “PLAINTEXT”
Importance: medium
License topic configuration
A Confluent enterprise license is stored in the _confluent-command
topic.
This topic is created by default and contains the license that corresponds to
the license key supplied through the confluent.license
property. No public
keys are stored in Kafka topics.
The following describes how the default _confluent-command
topic is
generated under different scenarios:
A 30-day trial license is automatically generated for the
_confluent command
topic if you do not add theconfluent.license
property or leave this property empty (for example,confluent.license=
).Adding a valid license key (for example,
confluent.license=<valid-license-key>
) adds a valid license in the_confluent-command
topic.
Here is an example of the minimal properties for development and testing.
You can change the name of the _confluent-command
topic using the
confluent.topic
property (for instance, if your environment has strict
naming conventions). The example below shows this change and the configured
Kafka bootstrap server.
confluent.topic=foo_confluent-command
confluent.topic.bootstrap.servers=localhost:9092
The example above shows the minimally required bootstrap server property that
you can use for development and testing. For a production environment, you add
the normal producer, consumer, and topic configuration properties to the
connector properties, prefixed with confluent.topic.
.
License topic ACLs
The _confluent-command
topic contains the license that corresponds to the
license key supplied through the confluent.license
property. It is created
by default. Connectors that access this topic require the following ACLs
configured:
CREATE and DESCRIBE on the resource cluster, if the connector needs to create the topic.
DESCRIBE, READ, and WRITE on the
_confluent-command
topic.Important
You can also use DESCRIBE and READ without WRITE to restrict access to read-only for license topic ACLs. If a topic exists, the LicenseManager will not try to create the topic.
You can provide access either individually for each principal that will
use the license or use a wildcard entry to
allow all clients. The following examples show commands that you can use to
configure ACLs for the resource cluster and _confluent-command
topic.
Set a CREATE and DESCRIBE ACL on the resource cluster:
kafka-acls --bootstrap-server localhost:9092 --command-config adminclient-configs.conf \ --add --allow-principal User:<principal> \ --operation CREATE --operation DESCRIBE --cluster
Set a DESCRIBE, READ, and WRITE ACL on the
_confluent-command
topic:kafka-acls --bootstrap-server localhost:9092 --command-config adminclient-configs.conf \ --add --allow-principal User:<principal> \ --operation DESCRIBE --operation READ --operation WRITE --topic _confluent-command
Override Default Configuration Properties
You can override the replication factor using
confluent.topic.replication.factor
. For example, when using a Kafka cluster
as a destination with less than three brokers (for development and testing) you
should set the confluent.topic.replication.factor
property to 1
.
You can override producer-specific properties by using the
producer.override.*
prefix (for source connectors) and consumer-specific
properties by using the consumer.override.*
prefix (for sink connectors).
You can use the defaults or customize the other properties as well. For example,
the confluent.topic.client.id
property defaults to the name of the connector
with -licensing
suffix. You can specify the configuration settings for
brokers that require SSL or SASL for client connections using this prefix.
You cannot override the cleanup policy of a topic because the topic always has a single partition and is compacted. Also, do not specify serializers and deserializers using this prefix; they are ignored if added.