Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Proper URL for using Splunk HTTP Event Collector on free cloud account?

JimO
Explorer
‎05-05-2023 10:24 AM

Hi,

I believe I should be able to use Splunk HTTP Event Collector to send events to Splunk.  I have created an Event Collector token, I have tried a bunch of different URLs, none seem to work.  I have tried Curl and Postman.  For a free account if my URL is https://prd-p-m95xx.splunkcloud.com,  what would be my URL?

Here's my curl command 
curl "MysteryURL" -H "Authorization: Splunk 11111111-2222-3333-4444-555555555555" -d "{\"event\": \"Hello, Anyone!\", \"sourcetype\": \"manual\"}" -v

Thanks

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution

JimO
Explorer
‎05-08-2023 06:45 AM

Hi Rich,

Thanks again for your help.  My Firewall lets all outbound connections through.   Has a test I temporarily turned off my firewall, but still had the same issue.  I am baffled. 

0 Karma
Reply
Solved! Jump to solution

richgalloway
SplunkTrust
SplunkTrust
‎05-05-2023 11:06 AM

Your URL should be https://http-inputs-prd-p-m95xx.splunkcloud.com:8088

curl -k https://http-inputs-prd-p-m95xx.splunkcloud.com:8088 -H "Authorization: Splunk 11111111-2222-3333-4444-555555555555" -d "{\"event\": \"Hello, Anyone!\", \"sourcetype\": \"manual\"}" -v

 

---
If this reply helps you, Karma would be appreciated.
Reply
Solved! Jump to solution

JimO
Explorer
‎05-05-2023 11:44 AM

Hi,

Thanks for the reply.  I had tried that earlier, and I just did again.  this is what I got

C:\>curl -k https://http-inputs-prd-p-m95xx.splunkcloud.com:8088 -H "Authorization: Splunk 11111111-2222-3333-4444-555555555555" -d "{\"event\": \"Hello, Jojo!\", \"sourcetype\": \"manual\"}" -v
* Trying 143.244.220.150:8088...
* connect to 143.244.220.150 port 8088 failed: Timed out
* Failed to connect to http-inputs-prd-p-m95xx.splunkcloud.com port 8088 after 21158 ms: Couldn't connect to server
* Closing connection 0
curl: (28) Failed to connect to http-inputs-prd-p-m90yo.splunkcloud.com port 8088 after 21158 ms: Couldn't connect to server

So, I'm not sure what the issue is, but it looks like it is not the URL.  

Anyone else have any ideas?



0 Karma
Reply
Solved! Jump to solution

richgalloway
SplunkTrust
SplunkTrust
‎05-05-2023 12:20 PM

Make sure your firewall is allowing connections to that host and port.

---
If this reply helps you, Karma would be appreciated.
Reply
Solved! Jump to solution

JimO
Explorer
‎05-08-2023 11:53 AM

Here is the URL that finally worked

https://prd-p-m90yo.splunkcloud.com:8088/services/collector

0 Karma
Reply
Solved! Jump to solution
Solution

JimO
Explorer
‎05-08-2023 11:55 AM

Sorry that should be

 

https://prd-p-m95xx.splunkcloud.com:8088/services/collector

Reply
Solved! Jump to solution

JimO
Explorer
‎05-08-2023 12:25 PM

This also works

https://inputs.prd-p-m95xx.splunkcloud.com:8088/services/collector

0 Karma
Reply
Get Updates on the Splunk Community!

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...