Hi,
Probably a basic question, but I have tested out manually importing json logs into Splunk using a curl command with success.
We have a Cloudflare instance where I would like to auto run a curl command against every day. Does Splunk have an app (I have the Cloud instance of Splunk) which I can install to pull this information?
I've already spoken to a Cloudflare technician who confirmed they cannot push these events, they have to be pulled using a curl command.
Thank you!
There isn't an app specific to CloudFlare but considering their API is REST over HTTPS with JSON responses, you can leverage https://splunkbase.splunk.com/app/1546/ to have Splunk pull the data from CF's API.
See also https://api.cloudflare.com/
Because you're a Splunk Cloud customer, you'll probably have to open a support request to have the REST app installed.