
This is an old revision of the document!


Receiving Alerts in Splunk

1. First, note the hostname of your Splunk instance; you will need it later when configuring Kaduu to send alerts to Splunk

2. Go to "Settings" → "Data Inputs"


3. Add a new HTTP Event Collector by clicking the "Add New" link


4. Enter any name for the collector and hit "Next"


5. Set "Source Type" as "Automatic"

6. Select any index as default - all Kaduu events will be stored there

7. Hit "Review"


8. Check that all settings are valid on the Review page and hit next. Splunk will say that "Token has been created successfully" and show you a token. Copy it and save it somewhere; it will be used in the next step


9. Configure your Kaduu account to send alerts over HTTP

10. Enter the webhook URL in this form: https://<host>.splunkcloud.com:8088/services/collector/event?token=<token>, where <host> is the hostname of your Splunk instance and <token> is the token you copied in the previous step

11. Hit "Save" and wait for new alert events to arrive in your Splunk instance
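
To confirm that the collector accepts events before waiting for the first real alert, the check below builds the URL from step 10, posts one test event to it, and masks the token whenever the URL is printed. It is an added example, not Kaduu or Splunk code. The function names, the HEC_TOKEN environment variable and the test event are assumptions made for illustration, and it assumes the collector accepts the token in the query string, as the URL form in step 10 implies.

```python
import json
import os
import sys
import urllib.error
import urllib.parse
import urllib.request


def build_webhook_url(host, token):
    """Webhook URL in the form given in step 10."""
    if not host or not all(c.isalnum() or c == "-" for c in host):
        raise ValueError("host must be the bare instance name")
    query = urllib.parse.urlencode({"token": token})
    return f"https://{host}.splunkcloud.com:8088/services/collector/event?{query}"


def redact(url):
    """Mask the token so the URL can go into logs or tickets."""
    parts = urllib.parse.urlsplit(url)
    pairs = urllib.parse.parse_qsl(parts.query, keep_blank_values=True)
    masked = [(k, "<redacted>" if k == "token" else v) for k, v in pairs]
    query = urllib.parse.urlencode(masked, safe="<>")
    return urllib.parse.urlunsplit(parts._replace(query=query))


def build_test_request(url):
    """Build (not send) a POST with one constructed test event."""
    body = json.dumps({"event": {"message": "HEC test event (constructed)"}})
    return urllib.request.Request(url, data=body.encode(), method="POST",
                                  headers={"Content-Type": "application/json"})


def send_test_event(url, timeout=10.0):
    """True if the collector answers with code 0 (success)."""
    try:
        with urllib.request.urlopen(build_test_request(url), timeout=timeout) as resp:
            return json.load(resp).get("code") == 0
    except urllib.error.HTTPError as err:  # e.g. invalid or disabled token
        print(f"rejected by {redact(url)}: HTTP {err.code}")
    except urllib.error.URLError as err:  # DNS, TLS or connection failure
        print(f"cannot reach {redact(url)}: {err.reason}")
    return False


if __name__ == "__main__":
    # HEC_TOKEN is a hypothetical variable name; keeps the token off the command line
    if len(sys.argv) != 2 or "HEC_TOKEN" not in os.environ:
        sys.exit("usage: HEC_TOKEN=<token> python hec_check.py <host>")
    target = build_webhook_url(sys.argv[1], os.environ["HEC_TOKEN"])
    sys.exit(0 if send_test_event(target) else 1)
```

An exit status of 0 means the test event was accepted; it should then be searchable in the default index chosen in step 6.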

splunk_integration.1668816478.txt.gz · Last modified: 2023/05/22 20:40 (external edit)