Solved: Re: What are the pros and cons of using the HTTP E...

a212830 · ‎11-07-2016

Hi,

What are the pros and cons of using the HTTP Event Collector (HEC) vs. a standard TCP input feed? We are looking to take data from Kafka and/or Apache Nifi, and trying to determine the best option.

jagadeeshm · ‎11-07-2016

Did you already visit - https://answers.splunk.com/answers/399363/why-would-i-use-the-http-event-collector-when-i-ca.html ?

View solution in original post

sloshburch · ‎11-08-2016

Don't forget the Kafka add ons. If you want a pull model there Splunk Add-on for Kafka. For a push model, I believe HEC is the recommended approach. There is also Kafka Messaging Modular Input written by a lead Splunker.

Related blog posts: http://blogs.splunk.com/?s=kafka

jagadeeshm · ‎11-07-2016

Did you already visit - https://answers.splunk.com/answers/399363/why-would-i-use-the-http-event-collector-when-i-ca.html ?

a212830 · ‎11-08-2016

Awesome. Thanks!

jkat54 · ‎11-08-2016

i converted this to an answer, please mark it as such.

jagadeeshm · ‎11-08-2016

This practice was discouraged in Stackoverflow, so I added it to only comments. But, love to get few reputations on this as well. Thanks!

What are the pros and cons of using the HTTP Event Collector versus a standard TCP input feed?

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...

Reduce and Transform Your Firewall Data with Splunk Data Management

Are you a member of the Splunk Community?

What are the pros and cons of using the HTTP Event Collector versus a standard TCP input feed?

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...

Reduce and Transform Your Firewall Data with Splunk Data Management