Add Splunk documentation #386

Merged
merged 11 commits into from
Aug 12, 2024

Conversation

Member

@eliykat eliykat commented Jul 17, 2024

🎟️ Tracking

N/A

📔 Objective

Continue my PR from here: bitwarden/splunk#54 while moving it to this repository so it can live with the rest of our documentation.

I have:

  • copied across the existing README
  • applied my initial set of changes from Improve readme splunk#54
  • actioned PR feedback
  • otherwise updated the layout and style to match our contributing docs

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation
    team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed
    issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@eliykat eliykat requested a review from mzieniukbw July 17, 2024 23:40
@eliykat eliykat requested a review from a team as a code owner July 17, 2024 23:40

cloudflare-workers-and-pages bot commented Jul 17, 2024

Deploying contributing-docs with Cloudflare Pages

Latest commit: e18109e
Status: ✅  Deploy successful!
Preview URL: https://f19dbaf6.contributing-docs.pages.dev
Branch Preview URL: https://splunk.contributing-docs.pages.dev


github-actions bot commented Jul 17, 2024

Checkmarx One – Scan Summary & Details 4de430d1-fc2e-4bb2-969a-e2bc300bbf6d

No New Or Fixed Issues Found

@withinfocus
Contributor

This would be a new direction for us, to keep these sorts of documents here vs. in the repo READMEs. I think I like that and it becomes a centralization point, plus keeps our repos light in that content so we can better manage it with best practices here. There are quite a few integration-style repos out there though, especially for Secrets Manager, that could use this treatment.

Contributor

@mzieniukbw mzieniukbw left a comment

Looks great! I have a comment about the bitwarden server setup and plan, please have a look.

- Python 3.8 or 3.9
- [Poetry][poetry]
- libmagic (macOS only), available via homebrew: `brew install libmagic`
- A Bitwarden server with event logging configured and an enterprise organization. To set this up
Contributor

  • Event logging works out of the box, there is nothing to configure - unless it's some custom self-hosted setup, which does not have event logging enabled.
  • Event logging works on any business plan, including Teams - makes me wonder if this does belong to the "Enterprise" section 🤔

Member Author

  • event logging - that's true, I've amended this to be more specific. Many devs, myself included, just run the minimum api & identity projects when developing day-to-day, so I want to highlight the additional requirements here
  • plan requirements - also true! I've fixed this. The "Enterprise" category is meant to describe enterprise use (business use), not the enterprise plan specifically, maybe it could be better named. Directory Connector is under this category and that is also compatible with Teams plans.

Comment on lines 32 to 46
3. Activate the poetry shell:

```
poetry shell
```

4. Tell poetry to use the required Python version:

```
poetry env use <executable>
```

Where `<executable>` is the executable for Python 3.8 or 3.9. If this is in your PATH variable
then you do not need to specify the full path. e.g. `poetry env use python3.8`

Contributor

I just did a fresh test and I think this should be the other way around.
We firstly tell poetry to create the virtual environment for the python version we want to use.
And then we activate it with poetry shell.


- Docker. If you're using an Apple Silicon Mac, enable _Docker Desktop_ -> _Settings_ -> _General_
-> _Use Rosetta for x86_64/amd64 emulation on Apple Silicon_
- Python 3.8 or 3.9
Contributor

@mzieniukbw mzieniukbw Jul 19, 2024

I have just tested other python versions and it works fine with 3.7-3.10.
In 3.11 and 3.12 the ./package.sh step produces an error during splunk-appinspect package validation - looks like the splunk tooling is not compatible with newer versions of python.
Also let's add 3.7, even though it's EOL, since it is still supported by Splunk.

Suggested change
- Python 3.8 or 3.9
- Python 3.7-3.10

@eliykat eliykat requested a review from mzieniukbw July 21, 2024 23:52
mzieniukbw previously approved these changes Jul 22, 2024
Contributor

@mzieniukbw mzieniukbw left a comment

LGTM.
One note: I find the "Enterprise" section without any explanation on where it applies a bit confusing, since SIEM works for Team plan too, so it should be overall labeled as "Business". Maybe it's about time to rename it or add a dedicated page that explains in one word to which this applies?

@eliykat
Member Author

eliykat commented Aug 12, 2024

I've renamed the section to "Business", I agree that's clearer and matches the Personal/Business distinction on our plans page, for example.

Contributor

@djsmith85 djsmith85 left a comment

Can't say anything about the setup process of the splunk integration as I haven't worked with it yet. Changes are looking good though and can be refined in the future in case @mzieniukbw has any comments.

@eliykat eliykat merged commit 396ac63 into main Aug 12, 2024
7 checks passed
@eliykat eliykat deleted the splunk branch August 12, 2024 20:09