Solved: How can I send the content of the file to HTTP Eve...

Dolis · ‎06-24-2021

I am using a script that gives me some data in json format, I want to send this data to splunk.
I can store the output of the script in a file but how can I send it to HTTP Event Collector?

Couple of things I tried but did not work:

------------------------------------------------
#!/bin/bash
FILE="output.json"
file1="cat answer.txt"
curl -k "https://prd-pxxx.splunkcloud.com:8088/services/collector" -H "Authorization: Splunk XXXXX" -d '{"event": "$file1", "sourcetype": "manual"}'

-----------------------------------------------------------

curl -k "https://prd-pxxx.splunkcloud.com:8088/services/collector" -H "Authorization: Splunk XXXXX" -d '{"event": "@output.json", "sourcetype": "manual"}'

-------------------------------------------------------------

curl -k "https://prd-p-w0gjo.splunkcloud.com:8088/services/collector" -H "Authorization: Splunk d70b305e-01ef-490d-a6d8-b875d98e689b" -d '{"sourcetype":"_json", "event": "@output.json", "source": "output.json}

-----------------------------------------------------------------

After trying this I understand that it literally sends everything specified in the event section. Is there a way I can send the content of the file or use a variable?

Thanks in advance!