Start free
ActionSplunkUpdated June 2026

How do I send an event to Splunk?

Short answer: Drop the "SplunkSplunk Send Event (HEC)" action anywhere in your workflow, map the inputs from upstream nodes, and publish.

Use this actionAll 1 Splunk actions
Inputs

The fields this action accepts.

Every field can be mapped from an upstream trigger, AI step, table row, or hard-coded literal.

FieldTypeRequiredDescription
Event Data
event
jsonRequiredEvent Data. (JSON object). e.g. "{ "message": "User logged in", "user": "john" }"
Source
source
stringOptionalSource. e.g. "my-app"
Source Type
sourcetype
stringOptionalSource Type. e.g. "_json"
Index
index
stringOptionalIndex. e.g. "main"
Sample request
{
  "event": "{ \"message\": \"User logged in\", \"user\": \"john\" }",
  "source": "my-app",
  "sourcetype": "_json",
  "index": "main"
}
Returns
{
  "code": 0,
  "text": "Success"
}

Use these fields in downstream nodes for routing, logging, or error handling.

Triggered by

Apps that pair well as the trigger for Splunk Send Event (HEC).

Any of these apps can fire this action as part of a workflow.

GmailSplunk
1 Gmail triggers
SlackSplunk
13 Slack triggers
Google SheetsSplunk
2 Google Sheets triggers
HubSpotSplunk
18 HubSpot triggers
FAQ

Questions about Splunk Send Event (HEC).

What does the Splunk Send Event (HEC) action do in Splunk?
Pushes an event into Splunk via HTTP Event Collector with source, sourcetype, index, host, time. The standard hook for application-event ingestion into SIEM/observability workflows.
What inputs does Splunk Send Event (HEC) require?
Required: Event Data. Every input accepts a static value or a variable from any upstream node in your workflow.
Can I use dynamic inputs from earlier workflow nodes?
Yes. Any field on this action can pull values from upstream nodes, whether that's a form response, a trigger payload, an AI output, or a lookup result.
What happens if Splunk returns an error?
The workflow pauses on the failed node, the error message is captured in the run log, and you can retry the run with one click. Auto-retry policies are configurable per workflow with exponential backoff up to 5 attempts.
Does Splunk Send Event (HEC) support batch operations?
Yes. Run Splunk Send Event (HEC) inside a Loop node to process arrays. Tiny Command handles Splunk's rate limits automatically so you don't have to throttle manually.

Send splunk send event (hec) from your workflows.

Triggered by anything in the catalog. Free tier available. No credit card.

Try for freeRequest a demo