I'm trying to load application usage information from my OS X application into Splunk Cloud. I've seen mint.splunk.com, and something like that would be almost exactly what I'm looking for. Unfortunately, Mint is iOS-specific (the framework links against UIKit), so I have to build something myself. I have my data assembled and when loaded into Splunk via a file upload, I get the results I'm looking for. I'm struggling with uploading data directly from the application to Splunk Cloud (I have a Cloud trial right now).

With other analytics services, there is an API that you can use to submit data directly from the client to the server. I thought that the Splunk REST API would offer that kind of functionality, but I can't seem to get it working with Splunk Cloud, e.g.:


curl -k -u {myusername} 'https://{myinstance}.cloud.splunk.com/services/receivers/simple?source=www&sourcetype=web_event' -d "event=myevent"


That generates an error:

<h1>See Other</h1><p>The resource has moved temporarily <a href="https://{myinstance}.cloud.splunk.com/en-US/services/receivers/simple?source=www&sourcetype=web_event></a>"

And when I use that URL (including the locale) I get a 404 "Not found" error.

I could set up a forwarder on my server (I already use REST to send other data to my server), but I'm concerned about adding extra load, and the middle man really shouldn't be necessary.

Does anyone have an example of using the Splunk REST API with Splunk Cloud specifically for uploading event data?