Automate Tasks in Power Automate Using the CData API Server and Splunk ADO.NET Provider

Power Automate (Microsoft Flow) makes it easy to automate tasks that involve data from multiple systems, on premises or in the cloud. With the CData API Server and Splunk ADO.NET Provider (or any of 200+ other ADO.NET Providers), line-of-business users have a native way to create actions based on Splunk triggers in Power Automate; the API Server makes it possible for SaaS applications like Power Automate to integrate seamlessly with Splunk data through data access standards like Swagger and OData. This article shows how to use wizards in Power Automate and the API Server for Splunk to create a trigger -- entities that match search criteria -- and send an email based on the results.

Set Up the API Server

Follow the steps below to begin producing secure and Swagger-enabled Splunk APIs:

Deploy

The API Server runs on your own server. On Windows, you can deploy using the stand-alone server or IIS. On a Java servlet container, drop in the API Server WAR file. See the help documentation for more information and how-tos.

The API Server is also easy to deploy on Microsoft Azure, Amazon EC2, and Heroku.

Connect to Splunk

After you deploy, provide authentication values and other connection properties by clicking Settings -> Connections in the API Server administration console. You can then choose the entities you want to allow the API Server access to by clicking Settings -> Resources.

To authenticate requests, set the User, Password, and URL properties to valid Splunk credentials. The port on which the requests are made to Splunk is port 8089.

The data provider uses plain-text authentication by default, since the data provider attempts to negotiate TLS/SSL with the server.

If you need to manually configure TLS/SSL, see Getting Started -> Advanced Settings in the data provider help documentation.

You will also need to enable CORS and define the following sections on the Settings -> Server page. As an alternative, you can select the option to allow all domains without '*'.

1. Access-Control-Allow-Origin: Set this to a value of '*' or specify the domains that are allowed to connect.
2. Access-Control-Allow-Methods: Set this to a value of "GET,PUT,POST,OPTIONS".
3. Access-Control-Allow-Headers: Set this to "x-ms-client-request-id, authorization, content-type".

Authorize API Server Users

After determining the OData services you want to produce, authorize users by clicking Settings -> Users. The API Server uses authtoken-based authentication and supports the major authentication schemes. You can authenticate as well as encrypt connections with SSL. Access can also be restricted by IP address; access is restricted to only the local machine by default.

For simplicity, we will allow the authtoken for API users to be passed in the URL. You will need to add a setting in the Application section of the settings.cfg file, located in the data directory. On Windows, this is the app_data subfolder in the application root. In the Java edition, the location of the data directory depends on your operation system:

1. Windows: C:\ProgramData\CData
2. Unix or Mac OS X: ~/cdata

Add Splunk Data to a Flow

You can use the built-in HTTP + Swagger connector to use a wizard to design a Splunk process flow:

1. In Power Automate, click My Flows -> Create from Blank.
2. Select the Recurrence action and select a time interval for sending emails. This article uses 1 day.
3. Add an HTTP + Swagger action by searching for Swagger.
4. Enter the URL to the Swagger metadata document: https://MySite:MyPort/api.rsc/@MyAuthtoken/$oas
5. Select the "Return DataModels" operation.

6. Build the OData query to retrieve Splunk data. This article defines the following OData filter expression in the $filter box:

   Id eq 'SampleDataset'

   See the API Server help documentation for more on filtering and examples of the supported OData.

Trigger an Action

You can now work with DataModels entities in your process flow. Follow the steps to send an automated email:

1. Add an SMTP - Send Email action.
2. Enter the address and credentials for the SMTP server and name the connection. Be sure to enable encryption if supported by your server.
3. Enter the message headers and body. You can add Splunk columns in these boxes.