All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Webhook data not being indexed but receiving connections

jpolcari
Communicator
‎11-16-2018 11:20 AM

Having some trouble getting webhook data into Splunk. I've configured the webhook input with a certificate and it is successfully receiving connections but the only data that is being indexed is (I have many of these events):

path=/adyen full_path=/adyen query="" command=POST client_address=xxx.xxx.xxx.xxx client_port=51926

For reference, this is what i'm currently trying to ingest: https://docs.adyen.com/developers/notifications/set-up-notifications

I don't see any type of errors within the log file. Anything advice to help troubleshoot?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jpolcari
Communicator
‎11-16-2018 12:53 PM

Ended up solving my own question. The content-type that was being sent included the charset (content-type="application/json; charset=utf-8"). After making a minor change to webhook.py to check for application/json* my events started coming in.

View solution in original post

0 Karma
Reply
Solved! Jump to solution

LukeMurphey
Champion
‎12-03-2018 04:14 PM

This is a bug. I'm going to fix this in a new release. I have this planned for version 1.2.2 (see bug report 2335).

0 Karma
Reply
Solved! Jump to solution
Solution

jpolcari
Communicator
‎11-16-2018 12:53 PM

Ended up solving my own question. The content-type that was being sent included the charset (content-type="application/json; charset=utf-8"). After making a minor change to webhook.py to check for application/json* my events started coming in.

0 Karma
Reply
Get Updates on the Splunk Community!

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

Observability Newsletter Highlights | March 2023

 March 2023 | Check out the latest and greatestSplunk APM's New Tag Filter ExperienceSplunk APM has updated ...

Security Newsletter Updates | March 2023

 March 2023 | Check out the latest and greatestUnify Your Security Operations with Splunk Mission Control The ...