MENU
      Contents x
      Humio
      • 05 Oct 2024
      • 1 Minute to read
      • Print
      • Dark
      Contents

      Humio

      • Updated on 05 Oct 2024
      • 1 Minute to read
      • Print
      • Dark
      Article summary

      Output events and detections to the Humio.com service.

      • humio_repo: the name of the humio repo to upload to.

      • humio_api_token: the humio ingestion token.

      • endpoint_url: optionally specify a custom endpoint URL, if you have Humio deployed on-prem use this to point to it, otherwise it defaults to the Humio cloud.

      Example:

      humio_repo: sandbox
humio_api_token: fdkoefj0erigjre8iANUDBFyfjfoerjfi9erge
      YAML

      Note: You may need to create a new parser in Humio to correctly parse timestamps.  You can use the following JSON parser:

      parseJson() | parseTimestamp(field=@timestamp,format="unixTimeMillis",timezone="Etc/UTC")
      Plain text

      For the Community Edition of Humio, the endpoint_url is: https://cloud.community.humio.com.

      Was this article helpful?
      What's Next