All Apps and Add-ons

How to get Kemp LoadMaster WAF logs to Splunk cloud via HTTP Event Collector?

New Member

We are trying to ingest Kemp LoadMaster WAF/ModSecurity logs to Splunk cloud via http event collector (HEC).  I've already done my part setting up on Splunk side and as test, I used curl statements to test and I'm successful.  However, when going into the settings of Kemp LoadMaster WAF settings my options are Logging Format<JSON>; Enable Remote Logging <checked>; Remote URI <https://mysplunkHF.com:8088/services/collector/event>; Username<splunk>; Password<token HEC>  final step, Set Remote Parameters to save my config.  

At this point, I should be seeing events in the Splunk cloud, but I'm not.  Has anyone tried to get Kemp LoadMaster WAF logs to Splunk cloud via HEC?  

 

Labels (2)
0 Karma