Error while sending data via SplunkHECExporter

Av2 · ‎11-24-2023

I using the OpenTelemetry Collector to receive and export logs to my Splunk Cloud Instance.
I have a AWS lambda which polls data and runs a OpenTelemetry Lambda layer which receives the logs in the OTLP format and exports it to Splunk cloud Instance using HEC exporter. Below is the configurations for otel

receivers:
otlp:
protocols:
http:
exporters:
splunk_hec:
token: ${SPLUNK_TOKEN}
endpoint: ${HEC_ENDPOINT}
# Source. See https://docs.splunk.com/Splexicon:Source
source: "otel"
# Source type. See https://docs.splunk.com/Splexicon:Sourcetype
sourcetype: "otel"
service:
pipelines:
logs:
receivers: [otlp]
exporters: [splunk_hec]

Now, the problem is the splunk_hec exporter fails to send the logs to my splunk cloud Instance.
I get the below errors

max elapsed time expired Post "https://inputs.prd-p-gxyqz.splunkcloud.com:8088/services/collector/event": EOF


max elapsed time expired Post "https://inputs.prd-p-gxyqz.splunkcloud.com:8088/services/collector/event": context deadline exceeded

Now can you please help me identify the issue.
Also, what exactly should be my HEC Endpoint URL? The documentation says the format should be

<protocol>://http-inputs-<host>.splunkcloud.com:<port>/<endpoint>

But the above format doesn't work.

Error while sending data via SplunkHECExporter

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Join the Conversation

Error while sending data via SplunkHECExporter

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...