Is compression (like Gzip) supported in HEC batched payload ? One of the Splunk blog mentioned it, but can't find any relevant info in user/developer guide. Can someone please confirm and share docs if supported?
Revised answer: If you send gzip'ed data, just set the Content-Encoding header like you would with any other payload sent over HTTP and it will work.
View solution in original post
Here is a blog post that you might be looking for: https://www.splunk.com/blog/2016/07/28/sending-compressed-payloads-to-splunk.html
