topic Help with firehose ingestion in Getting Data In https://community.splunk.com/t5/Getting-Data-In/Help-with-firehose-ingestion/m-p/469261#M80737 <P>Hello all... I am trying to use the Splunk-Trumpet project to a HEC end point with indexer ack, a valid SSL cert and internet facing. I can use curl to POST data to this endpoint with SSL enabled, so this tells me that at the most basic levels my HEC and it's associated infra is setup right. </P> <P>Since this sets up an S3 bucket for backup should the firehose fail, i am able to browse that and I see the following message:</P> <PRE><CODE>&lt;Error&gt; &lt;Code&gt;AccessDenied&lt;/Code&gt; &lt;Message&gt;Access Denied&lt;/Message&gt; &lt;RequestId&gt;E1B619A2DC6BDD3F&lt;/RequestId&gt; &lt;HostId&gt; pBxYzfWxtG+IfA77uG2ozJ3RNaEf8h4lv83lRDCJ7hmBYU4cPRMSRKk8CxNP761OjONm21jZNLM= &lt;/HostId&gt; &lt;/Error&gt; </CODE></PRE> <P>Any help is MUCH appreciated, this is a HUGE improvement over the previous ingestion methods. </P> Mon, 23 Dec 2019 18:16:10 GMT brent_weaver 2019-12-23T18:16:10Z Help with firehose ingestion https://community.splunk.com/t5/Getting-Data-In/Help-with-firehose-ingestion/m-p/469261#M80737 <P>Hello all... I am trying to use the Splunk-Trumpet project to a HEC end point with indexer ack, a valid SSL cert and internet facing. I can use curl to POST data to this endpoint with SSL enabled, so this tells me that at the most basic levels my HEC and it's associated infra is setup right. </P> <P>Since this sets up an S3 bucket for backup should the firehose fail, i am able to browse that and I see the following message:</P> <PRE><CODE>&lt;Error&gt; &lt;Code&gt;AccessDenied&lt;/Code&gt; &lt;Message&gt;Access Denied&lt;/Message&gt; &lt;RequestId&gt;E1B619A2DC6BDD3F&lt;/RequestId&gt; &lt;HostId&gt; pBxYzfWxtG+IfA77uG2ozJ3RNaEf8h4lv83lRDCJ7hmBYU4cPRMSRKk8CxNP761OjONm21jZNLM= &lt;/HostId&gt; &lt;/Error&gt; </CODE></PRE> <P>Any help is MUCH appreciated, this is a HUGE improvement over the previous ingestion methods. </P> Mon, 23 Dec 2019 18:16:10 GMT https://community.splunk.com/t5/Getting-Data-In/Help-with-firehose-ingestion/m-p/469261#M80737 brent_weaver 2019-12-23T18:16:10Z Re: Help with firehose ingestion https://community.splunk.com/t5/Getting-Data-In/Help-with-firehose-ingestion/m-p/469262#M80738 <P>This appears to be some sort of problem with AWS Permission. </P> Tue, 24 Dec 2019 00:44:34 GMT https://community.splunk.com/t5/Getting-Data-In/Help-with-firehose-ingestion/m-p/469262#M80738 badrinath_itrs 2019-12-24T00:44:34Z