Pipeline: input: splunk hec: style

pipeline/inputs/splunk.md

@@ -1,51 +1,53 @@
 # Splunk (HTTP HEC)
 
-The **splunk** input plugin handles [Splunk HTTP HEC](https://docs.splunk.com/Documentation/Splunk/latest/Data/UsetheHTTPEventCollector) requests.
+The _Splunk_ input plugin handles [Splunk HTTP HEC](https://docs.splunk.com/Documentation/Splunk/latest/Data/UsetheHTTPEventCollector) requests.
 
-## Configuration Parameters
+## Configuration parameters
 
-| **Key**                  | Description                                                                                                                                   | default |
-|--------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------|---------|
-| listen                   | The address to listen on                                                                                                                      | 0.0.0.0 |
-| port                     | The port for Fluent Bit to listen on                                                                                                          | 9880    |
-| tag_key                  | Specify the key name to overwrite a tag. If set, the tag will be overwritten by a value of the key.                                           |         |
-| buffer_max_size          | Specify the maximum buffer size in KB to receive a JSON message.                                                                              | 4M      |
-| buffer_chunk_size        | This sets the chunk size for incoming JSON messages. These chunks are then stored/managed in the space available by buffer_max_size. | 512K    |
-| successful_response_code | It allows to set successful response code. `200`, `201` and `204` are supported.                                                              | 201     |
-| splunk\_token            | Specify a Splunk token for HTTP HEC authentication. If multiple tokens are specified (with commas and no spaces), usage will be divided across each of the tokens. |         |
-| store\_token\_in\_metadata | Store Splunk HEC tokens in the Fluent Bit metadata. If set false, they will be stored as normal key-value pairs in the record data.                              | true    |
-| splunk\_token\_key       | Use the specified key for storing the Splunk token for HTTP HEC. This is only effective when `store_token_in_metadata` is false.                   | @splunk_token |
-| Threaded | Indicates whether to run this input in its own [thread](../../administration/multithreading.md#inputs). | `false` |
+This plugin uses the following configuration parameters:
 
-## Getting Started
+| Key | Description | Default |
+| --- | ----------- | ------- |
+| `listen` | The address to listen on. | `0.0.0.0` |
+| `port` | The port for Fluent Bit to listen on. | `9880` |
+| `tag_key` | Specify the key name to overwrite a tag. If set, the tag will be overwritten by a value of the key. | _none_ |
+| `buffer_max_size` | Specify the maximum buffer size in KB to receive a JSON message. | `4M` |
+| `buffer_chunk_size` | This sets the chunk size for incoming JSON messages. These chunks are then stored and managed in the space available by `buffer_max_size`. | `512K` |
+| `successful_response_code` | Set the successful response code. Allowed values: `200`, `201`, and `204` | `201` |
+| `splunk_token` | Specify a Splunk token for HTTP HEC authentication. If multiple tokens are specified (with commas and no spaces), usage will be divided across each of the tokens. | _none_ |
+| `store_token_in_metadata` | Store Splunk HEC tokens in the Fluent Bit metadata. If set to `false`, tokens will be stored as normal key-value pairs in the record data. | `true` |
+| `splunk_token_key` | Use the specified key for storing the Splunk token for HTTP HEC. Use only when `store_token_in_metadata` is `false`. | `@splunk_token` |
+| `Threaded` | Indicates whether to run this input in its own [thread](../../administration/multithreading.md#inputs). | `false` |
 
-In order to start performing the checks, you can run the plugin from the command line or through the configuration file.
+## Get started
 
-#### How to set tag
+To start performing the checks, you can run the plugin from the command line or through the configuration file.
+
+### Set a tag
 
 The tag for the Splunk input plugin is set by adding the tag to the end of the request URL by default.
 This tag is then used to route the event through the system.
-The default behavior of the splunk input sets the tags for the following endpoints:
+The default behavior of the Splunk input sets the tags for the following endpoints:
 
-* `/services/collector`
-* `/services/collector/event`
-* `/services/collector/raw`
+- `/services/collector`
+- `/services/collector/event`
+- `/services/collector/raw`
 
 The requests for these endpoints are interpreted as `services_collector`, `services_collector_event`, and `services_collector_raw`.
 
-If you want to use the other tags for multiple instantiating input splunk plugin, you have to specify `tag` property on the each of splunk plugin configurations to prevent collisions of data pipeline.
+To use the other tags for multiple instantiating input Splunk plugins, you must specify the `tag` property on each Splunk plugin configuration to prevent data pipeline collisions.
 
-### Command Line
+### Command line
 
 From the command line you can configure Fluent Bit to handle HTTP HEC requests with the following options:
 
 ```bash
-$ fluent-bit -i splunk -p port=8088 -o stdout
+fluent-bit -i splunk -p port=8088 -o stdout
 ```
 
-### Configuration File
+### Configuration file
 
-In your main configuration file append the following _Input_ & _Output_ sections:
+In your main configuration file append the following sections:
 
 ```python
 [INPUT]

vale-styles/FluentBit/Acronyms.yml

@@ -39,6 +39,7 @@ exceptions:
   - GTK
   - GUI
   - GZIP
+  - HEC
   - HPA
   - IAM
   - HTML

vale-styles/FluentBit/Spelling-exceptions.txt

@@ -81,6 +81,7 @@ grpc_method
 grpc_service
 gzip
 HashiCorp
+HEC
 hostname
 Hostname
 Ingester