Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

HttpListener - Socket error from 10.23.132.224:49352: Connection closed by peer

rashi83
Path Finder
‎10-23-2019 07:51 AM

Hi, I am getting this error and after that HEC stops sending the events to Splunk. Also, seeing these errors -

ttpListener - Read Timeout communicating with 10.23.132.224:50926, disconnecting

Any idea why events stops coming to SPlunk?

Tags (1)
0 Karma
Reply

vsai0718
Path Finder
‎10-28-2019 01:11 PM

Is there any firewall blocking the communication between the server and HEC's server. Try telnet from the server you're looking to send the logs to the HEC. If it is good, debug it by using curl for HEC

curl -k http://IP_of_HEC_host:8088/services/collector -H 'Authorization: Splunk token' -d '{"sourcetype": "sourcetype_of_HEC_configured", "event":"Hello, World!"}'

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

🍂 Fall into November with a fresh lineup of Community Office Hours, Tech Talks, and Webinars we’ve ...

Transform your security operations with Splunk Enterprise Security

Hi Splunk Community, Splunk Platform has set a great foundation for your security operations. With the ...

Splunk Admins and App Developers | Earn a $35 gift card!

Splunk, in collaboration with ESG (Enterprise Strategy Group) by TechTarget, is excited to announce a ...