Dashboards & Visualizations

i dont find the logged data in splunk enterprise and in cloud after creating token in HTTP event collector and the curl request

arunprasath93
Explorer

I followed this steps from splunk doc to enable Http Event collector (http://dev.splunk.com/view/event-collector/SP-CAAAE7F)

when I try searching source="http:" , i dont find the logged data in splunk enetrprise or splunk cloud.plz check images for better understanding.
alt text

Tags (1)
0 Karma

prakash007
Builder

@arunprasath93: looks like you were able to post the message successfully, did you do a all-time search just in case if the timestamps are off, if you have associated any index to your HEC token, try running a run with your index and Sourcetype.

0 Karma
Get Updates on the Splunk Community!

3 Ways to Make OpenTelemetry Even Better

My role as an Observability Specialist at Splunk provides me with the opportunity to work with customers of ...

What's New in Splunk Cloud Platform 9.2.2406?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2406 with many ...

Enterprise Security Content Update (ESCU) | New Releases

In August, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...