Jamf Pro Webhooks for Splunk
The Webhooks settings in Jamf Pro allow you to create outbound webhooks for any event in the Events API. In conjunction with the Events API, webhooks allow you to use real-time events from Jamf Pro to build custom workflows on-demand using the programming language of your choice. For example, you could configure a webhook to send an event to an instant message plug-in you have written that will notify a chatroom when a third-party macOS software title in Jamf Pro has been updated.
Webhooks are better-suited for real-time event reporting and are more efficient than the Jamf Pro Add-on for Splunk when you want to import data immediately.
Configuring Splunk to Collect Webhooks
To collect data from Jamf Pro webhooks, you must configure an HTTP event collector in your Splunk instance, and then create a new event collector token.
Tokens enabled
SSL enabled
- The default HTTP ports used by Splunk:
- Splunk Enterprise—Port 8088
- Splunk Cloud—Port 443
For instructions, see the Set up and use HTTP Event Collector in Splunk Web documentation from Splunk.
Configuring Webhooks in Jamf Pro
Your webhook will start sending events to Splunk based on the configured event trigger.
For information on supported webhooks, see Webhooks on the Jamf Developer Portal.