Infrastructure & DevOps
Splunk AI agent integration
Splunk integration for log analysis and security monitoring via MCP protocol
Category
Infrastructure & DevOps
Authentication
API key
Protocol
MCP-compatible
What you can do with the Splunk integration
Give your AI agents authenticated access to Splunk so they can read, act, and update records on your behalf — inside a governed, observable workflow.
- Let agents read data from Splunk as part of a workflow.
- Let agents take typed actions inside Splunk with allow/deny policies.
- Combine Splunk with other tools to automate cross-system workflows.
- Audit every tool call in Monitor — agent, action, input, response, latency, cost.
How to connect Splunk
Paste your API key into the credential form. Dezifi encrypts it at rest and never logs it.
- 1
Open Integrations in your workspace
Navigate to Integrations from the left sidebar. The catalog opens to all available tools. - 2
Find Splunk
Search the catalog or filter to the Infrastructure & DevOps category. Click the Splunk card. - 3
Connect your account
Click Connect. Paste your API key into the credential form. Dezifi encrypts it at rest and never logs it. - 4
Test the connection
Run the built-in connection test. Dezifi calls a low-impact endpoint and confirms the credential works. - 5
Grant access to an agent
Open an agent in the builder, go to Tool Selection, check Splunk, save. The agent can now invoke Splunk actions during runs.
Governance and safety
Splunk is a tool like any other in Dezifi — its actions are governed by your policies, inspected by guardrails, and recorded in every run trace.
- Tool allow / deny — restrict which agents can invoke which actions.
- Approval gates — require human sign-off before destructive operations.
- Rate limits — cap how often an agent can call the integration.
- Audit trail — every call, input, response, and identity is logged.
Frequently asked questions
- How do I connect Splunk to Dezifi?
- Open Integrations in your workspace, search for Splunk, click Connect, and follow the api key flow. Once connected, the integration becomes available as a tool for any agent.
- Which AI agents can use the Splunk integration?
- Any agent in your Dezifi workspace can be granted access to Splunk. You scope which agents see it via tool allow-lists on policies.
- Is the Splunk integration secure?
- Yes. Credentials are encrypted at rest, scoped to your workspace, and never shared across tenants. Every tool call is logged in the run trace.
- Can I limit what the agent can do in Splunk?
- Yes. Policies let you allow or deny specific actions and require human approval for high-risk operations. The principle of least privilege is enforced at runtime.
Other Infrastructure & DevOps integrations
Integration
Amazon ECS
Amazon ECS integration for clusters, services, tasks, task definitions, and container instances
Integration
Amazon EKS
Amazon EKS integration for clusters, node groups, addons, updates, and Fargate profiles
Integration
Ansible
Ansible Tower/AWX integration for inventories, job templates, jobs, projects, hosts, groups, and credentials
Integration
AWS
Amazon Web Services integration for cloud infrastructure management via MCP protocol
Integration
AWS CloudFormation
AWS CloudFormation integration for stacks, resources, templates, changesets, events, and cost estimation
Integration
Azure
Microsoft Azure integration for cloud services and infrastructure via MCP protocol