Connect Splunk (validator)
Install and configure the TA-Tracemill add-on so a Splunk target can validate runs.
Applies to: Platform. This page covers connecting the TA-Tracemill add-on to a Splunk target in the Tracemill console. The console's "Connect validator" drawer links here.
To validate runs against a Splunk target, install the TA-Tracemill add-on in your Splunk deployment and authenticate it to the target with a validator token. The console walks you through this in the target's Connect validator drawer; this page is the reference for each step.
1. Issue a target key
In the console, open the target and choose Connect validator → Issue key. The
token (tmv_…) is shown once — copy it immediately. We store only a hash and
cannot show it again; if you lose it, issue a new key. A target can hold up to two
active keys at a time for make-before-break rotation.
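The hash-only storage and two-key rotation described above can be modelled as follows. This is an added example, not Tracemill's code: the `TargetKeyStore` class, the `rotate` helper, the key ids and the choice of SHA-256 are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

MAX_ACTIVE_KEYS = 2   # from the page: up to two active keys per target
PREFIX = "tmv_"       # from the page: validator tokens start with tmv_

class TargetKeyStore:
    """Hypothetical model of one target's validator keys (not Tracemill code)."""

    def __init__(self):
        self._hashes = {}  # key_id -> SHA-256 hex digest; plaintext is never kept

    @staticmethod
    def _digest(token):
        # Assumption: SHA-256 is adequate for a high-entropy random token.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self):
        """Return (key_id, token). The token is only available from this call."""
        if len(self._hashes) >= MAX_ACTIVE_KEYS:
            raise RuntimeError("two keys already active; revoke one first")
        token = PREFIX + secrets.token_urlsafe(32)
        key_id = secrets.token_hex(4)
        self._hashes[key_id] = self._digest(token)
        return key_id, token

    def verify(self, token):
        """Return the matching key_id, or None if the token is not active."""
        if not isinstance(token, str) or not token.startswith(PREFIX):
            return None
        candidate = self._digest(token)
        match = None
        for key_id, stored in self._hashes.items():
            if hmac.compare_digest(candidate, stored):  # constant-time compare
                match = key_id
        return match

    def revoke(self, key_id):
        self._hashes.pop(key_id, None)

def rotate(store, old_key_id):
    """Make-before-break: issue the new key first, revoke the old one last."""
    new_key_id, new_token = store.issue()   # make: old and new both verify now
    # ... the add-on's Validator Token would be switched to new_token here ...
    if store.verify(new_token) != new_key_id:
        raise RuntimeError("new key does not verify; keeping the old key")
    store.revoke(old_key_id)                # break: only the new key remains
    return new_key_id, new_token
```

Because only the digest is stored, a lost token cannot be recovered and a leaked key table does not expose usable tokens; the second slot is what lets the old key keep working until the add-on has been switched over.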
2. Install the add-on
Download the add-on package and install it in Splunk Web:
- Get the latest package: TA-tracemill (.spl). (A Splunkbase listing is coming.)
- In Splunk Web → Apps → Manage Apps → Install app from file, upload the
.spl.
This works on self-managed Splunk and Splunk Cloud (Victoria). On Splunk Cloud Classic, install via a support ticket; to automate, use the Admin Config Service (ACS) or the Splunk CLI.
3. Configure the connection
In the Tracemill Add-on:
- Under Configuration → Connection, add a connection with:
  - API URL — your Tracemill platform origin (for example https://api.tracemill.io).
  - Validator Token — the tmv_… token from step 1.
- Under Inputs → Create New Input → Tracemill Task Poller, select that connection and set the Polling Interval (default 60 seconds; 5–600).
- Save. The add-on begins polling for validation tasks.
4. Confirm it's connected
Once the add-on makes its first call, the target's setup checklist in the console flips to TA connected and shows when it was last seen.
Troubleshooting
- Still "waiting for first poll": confirm the input is enabled, the API URL is reachable from Splunk, and the token hasn't been revoked.
- Auth failures: the token must start with tmv_ and belong to this target; re-issue if unsure.