Solved: What are the pros and cons of using the HTTP Event...

a212830 · ‎11-07-2016

Hi,

What are the pros and cons of using the HTTP Event Collector (HEC) vs. a standard TCP input feed? We are looking to take data from Kafka and/or Apache Nifi, and trying to determine the best option.

jagadeeshm · ‎11-07-2016

Did you already visit - https://answers.splunk.com/answers/399363/why-would-i-use-the-http-event-collector-when-i-ca.html ?

View solution in original post

sloshburch · ‎11-08-2016

Don't forget the Kafka add ons. If you want a pull model there Splunk Add-on for Kafka. For a push model, I believe HEC is the recommended approach. There is also Kafka Messaging Modular Input written by a lead Splunker.

Related blog posts: http://blogs.splunk.com/?s=kafka

jagadeeshm · ‎11-07-2016

Did you already visit - https://answers.splunk.com/answers/399363/why-would-i-use-the-http-event-collector-when-i-ca.html ?

a212830 · ‎11-08-2016

Awesome. Thanks!

jkat54 · ‎11-08-2016

i converted this to an answer, please mark it as such.

jagadeeshm · ‎11-08-2016

This practice was discouraged in Stackoverflow, so I added it to only comments. But, love to get few reputations on this as well. Thanks!

What are the pros and cons of using the HTTP Event Collector versus a standard TCP input feed?

Observe and Secure All Apps with Splunk

Splunk Decoded: Business Transactions vs Business IQ

Fastest way to demo Observability

Are you a member of the Splunk Community?

What are the pros and cons of using the HTTP Event Collector versus a standard TCP input feed?

Observe and Secure All Apps with Splunk

Splunk Decoded: Business Transactions vs Business IQ

Fastest way to demo Observability