Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to get HTTP Event Collectors enabled in Splunk Cloud?

jimathead
Engager
‎11-02-2015 11:54 AM

We are investigating Splunk Cloud for our browser apps performance and logging. To see if the HTTP Event Collectors would meet our needs, I created a trial account. When going through the set-up instructions, I read this line:

 Note: To turn on HTTP Event Collector in Splunk Cloud, file a request ticket with Splunk Support.

It seems that with a trial account, the web UI will not let me file a request ticket with Splunk. If it is possible to do so, I certainly cannot figure out HOW I would do that.

Can I get the HTTP Event Collectors enabled on my Splunk Cloud trial? Who should I contact and how. If this is not possible, please let me know and I will simply delete my trial account.

Thank you.

Jim

Reply

tdepuy
Path Finder
‎07-19-2017 09:37 AM

So the secret is the url needs an input prefix.
See here: https://answers.splunk.com/answers/488523/what-is-the-correct-url-to-set-up-http-event-colle.html#an...

0 Karma
Reply

wfrankl2
Explorer
‎10-24-2016 11:10 AM

I have had Support open a ticket and it is fairly painless besides waiting on them to do it. We were able to send data immediately. The docs didn't used to tell you to open a ticket. We tried to create ourselves, but as mentioned before, there is the bug that it doesn't create the collector on the indexer so it won't work. That's why they have to create it. Not sure if that is fixed in 6.5, we are 6.4.1.2.

0 Karma
Reply

gblock_splunk
Splunk Employee
Splunk Employee
‎04-22-2016 01:43 PM

For self-service you still have to go into the HTTP Event Collector management UI and enable it. You can do this yourself.

For clustered you will need to work with support for enabling and for token management.

0 Karma
Reply

ncrisler
New Member
‎04-22-2016 07:02 AM

This can all be done by going to settings>Data Inputs>Add new

  1. Fill in Name then click next.
  2. Select index appropriate for your data (you can create a new index here if need be and choose that)
  3. Review to make sure everything is as it should be
  4. Copy down your Token

Next you will be ready to start sending your Data using the Http Event Collector

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎04-22-2016 08:21 AM

If you have a self-service Splunk Cloud account, HTTP Event Collector is available by default. If you have a managed Splunk Cloud account, you need to file a support ticket to have HTTP Event Collector enabled.

See Add data using HTTP Event Collector in the Splunk Cloud User Manual.

0 Karma
Reply

starcher
Influencer
‎11-02-2015 12:31 PM

They mentioned at conf that the Web UI was not updated yet for it. It will require a support ticket. One of the Splunk folks will have to reply on how to open a ticket for a trial account.

0 Karma
Reply

gblock_splunk
Splunk Employee
Splunk Employee
‎03-03-2016 11:06 AM

Hi @jimathead

You can now enable HTTP Event Collector now in trial via the Splunk UI.

There is a known issue with the cert we use for cloud trial, so depending on which stack you are using to send the data, you might hit into issues, or you might not.

curl definitely will work.

0 Karma
Reply
Get Updates on the Splunk Community!

What's New in Splunk Enterprise 9.4: Features to Power Your Digital Resilience

Hey Splunky People! We are excited to share the latest updates in Splunk Enterprise 9.4. In this release we ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

SignalFlow: What? Why? How?

What is SignalFlow? Splunk Observability Cloud’s analytics engine, SignalFlow, opens up a world of in-depth ...