Splunk Integration - Domain Validation Pattern Issue

Problem statement

This article clarifies whether an IP address can be used instead of a domain.


The customer is passing a full URL, e.g., https://splunk.example.com/services/collector

“Domain” with value “xyz” fails to match the domain validation pattern.

Steps to reproduce

Enter a URL or IP address into the “domain” field for a Splunk log stream setup.


The field in the dashboard UI only supports a domain value.


The issue is that the domain field on the Dashboard UI will only accept a domain and no path or protocol.

So, for example, if the Splunk collector was running on “https://splunk.example.com/services/collector"”, the “splunk.example.com” needed to be entered into the domain field.

In order to set an IP address, this would currently require using the Management API to create or update the stream settings (please see Create a log stream).

	"name": "splunktest",
	"type": "splunk",
	"sink": {
		"splunkDomain": "<Server IP here>",
		"splunkToken": "<token here>",
		"splunkPort": "<port here>",
		"splunkSecure": <boolean>