Document toolboxDocument toolbox

Create a Splunk Index for SAP data

Owned by Warwick Chai
Last updated: Feb 22, 2023 by Seth Marek
2 min read

PowerConnect requires creating a custom index for data delivered by connected SAP systems. In order to create an index…

  • Connect to Splunk management interface using an administrator account.

  • Once logged-in, on the top, right hand side, click on “Settings” and then in “Indexes”. A list of all indexes currently defined appears.

  • Create a new index with the name “sap” or similar. It is just crucial to take the name as a reference for future use and to be able to relate the index to its usage eventually.

  • Use default values but change the “App” value to “SAP PowerConnect for Splunk”.

  • “Save” the new index.

  • The new index now appears in the list.

Next step is to create an HTTP Event Collector (HEC) which actually is a prerequisite for establishing a connection between SAP and Splunk.