This input will return information for any notifications that were created since the last time the input was run.
This differs from the notifications input by taking in an additional parameter (domain) in order to restrict the set of notifications returned by the endpoint to those from a specific applixation.

Splunk events

Sourcetype: mulesoft:notifications:perapplication

Timestamp: the timestamp provided by Mulesoft via the ‘createdAt’ key – the time the notification occurred

Sample event:

About this input

This input calls the URL:

https://anypoint.mulesoft.com/cloudhub/api/applications/{domain}/notifications

Using the parameters:

This input utilises checkpointing in order to identify which notifications have been indexed already. See Python helper functions – Splunk Documentation for more details.

Learn more: Mulesoft documentation

Posted by:Andrew MacLeod

Andrew is a certified Splunk Admin and has worked for iDelta for over two years. Previously, he worked as an actuarial analyst in the life and pensions industry - a role that he was in for over 7 years before deciding to embark on a career change into the IT industry. He holds an MPhys degree in theoretical physics from the University of Edinburgh. Outside of work he is a big puzzle fan, with a particular penchant for things cruciverbal and mathematical.