Please indicate an application available in the splunk store (Find more Apps), preferably free. What possibility to establish authentication to an api type bearer?
I installed the "REST API Modular Input" app, but the activation key needs to be purchased.
By "an api" I assume you mean an api of a custom application in your organization. There is no generic solution for such a use case. But it is relatively simple to send data to Splunk's HTTP Event Collector (HEC). See Get data with HTTP Event Collector. You can also Get data from APIs and other remote data interfaces through scripted inputs.
There is another endpoint /services/receivers/simple that I sometimes use. I'm pretty sure it used to be in an example, but I cannot find the document. HEC and receivers endpoints all use bearer authentication, but HEC tokens are managed under "Data Inputs -> HEC", while general REST API tokens are managed under "Users and Authentication -> Authentication Methods".
Hello @yuanliu , in my case I'm using the "REST API Modular Input" app - (pint attached), this app requires me to have a paid activation key, my api is a standard api with "bearer" authentication method.
My question is if in addition to the "REST API Modular Input" there is another app that does the same function so that it does not require the activation key? did you understand?
Yes, I understand that REST API Modular Input app does not meet all your need. The question is: What do you want to achieve with this app? To me, the end goal of using this app is quite basic: To pull data from one or more of applications outside Splunk. My other question is: Are these your own application, or a third-party application?
Regardless, as long as you have documentation of the applications API, any of the alternatives I suggested could achieve the same end goal, some requiring more additional coding than others. @isoutamo's suggestion may save you even more coding.