Getting Data In

HTTP Event Collector



Can I disable token/security for the http event collector? We have an internal app which has a log via http option. But there is no option in the app to put a token. I am GUESSING it should work if we can disable the token.


0 Karma


The input is defined in an inputs.conf file. You might be able to remove the token from the inputs.conf file, but I doubt if that works (I suspect Splunk is checking, even if the token is an empty string). Feel free to try and let us know!

State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!