We are trying to ingest Kemp LoadMaster WAF/ModSecurity logs to Splunk cloud via http event collector (HEC). I've already done my part setting up on Splunk side and as test, I used curl statements to test and I'm successful. However, when going into the settings of Kemp LoadMaster WAF settings my options are Logging Format<JSON>; Enable Remote Logging <checked>; Remote URI <https://mysplunkHF.com:8088/services/collector/event>; Username<splunk>; Password<token HEC> final step, Set Remote Parameters to save my config.
At this point, I should be seeing events in the Splunk cloud, but I'm not. Has anyone tried to get Kemp LoadMaster WAF logs to Splunk cloud via HEC?