Getting Data In

Error Connecting to HTTP Event Collector

jinesh_thakkar
New Member

Hi

I sign up for splunk free cloud trial instance and created the HTTP Event Collector as per link here

Link - http://dev.splunk.com/view/event-collector/SP-CAAAE7F

When I try to call following HEC curl from postman, I am unable to connect and do not get any response

curl -k https://:8088/services/collector -H 'Authorization: Splunk ' -d '{"sourcetype": "mysourcetype", "event":"Hello, World!"}'

0 Karma

vkannampuzha
Explorer

Once you create your Splunk instance, here is the curl command I used that works. I'm assuming that this is your localhost.

curl -k http://localhost:8088/services/collector -H "Authorization:Splunk ENTER YOUR TOKEN VALUE" -d '{"sourcetype": "mysourcetype", "event":"Hello, World!"}'

0 Karma

preotesoiu
Path Finder

your curl command must contain the hostname or IP address
curl -k https://yourhostname:8088/services/collector ...

or perhaps you can try below curl command:
curl -k -u "userID:TOKEN" "https://your_server_name:8088/services/collector/event" -d '{"event": "Hello, world!"}'
if works well you would see below response
{"text":"Success","code":0}

0 Karma

preotesoiu
Path Finder

also I believe the path is a bit different for splunk cloud:

When creating requests to Splunk Cloud, you must add a prefix to the URI of the hostname according to your subscription. For self-service Splunk Cloud plans, pre-pend the hostname with input-. For all other Splunk Cloud plans, pre-pend the hostname with http-inputs-. In the previous example, the cURL statement would look like the following for self-service Splunk Cloud instances:
curl -k https://input-:8088/services/collector -H 'Authorization: Splunk ' -d '{"event":"Hello, World!"}'

And for all other Splunk Cloud instances:
curl -k https://http-inputs-:8088/services/collector -H 'Authorization: Splunk ' -d '{"event":"Hello, World!"}'

0 Karma
Get Updates on the Splunk Community!

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

In today’s complex digital landscape, security teams face increasing pressure to protect sprawling data across ...

Your summer travels continue with new course releases

Summer in the Northern hemisphere is in full swing, and is often a time to travel and explore. If your summer ...

From Alert to Resolution: How Splunk Observability Helps SREs Navigate Critical ...

It's 3:17 AM, and your phone buzzes with an urgent alert. Wire transfer processing times have spiked, and ...