Re: Splunk Cloud Azure

hopik · ‎06-11-2020

Hi

We are using Splunk Cloud from azure marketplace.

I have created HEC token but I have problem send data to the Splunk Cloud.

I am testing some different port but it doesn't work. Same approach on my

Splunk Cloud trial instances is working.

Working- My test instance:

curl -k https://prd-p-<label>.splunkcloud.com:8088/services/collector/event/1.0 -H "Authorization: Splunk <token>" -d '{"event": "hello world"}'

Azure Splunk Cloud:
NOT work mu commercial company instance:
curl -k https://<company>.splunkcloud.com:8088/services/collector/event/1.0 -H 'Authorization: Splunk <token>' -d '{"event": "hello world"}'

curl -k https://<company>.splunkcloud.com/services/collector/event/1.0 -H 'Authorization: Splunk <token>' -d '{"event": "hello world"}'

Anybody know how to send data via HEC to the Splunk Cloud hosted as Azure service ?

Thanks a lot

twesty · ‎06-11-2020

The ports for splunk cloud change depending on whether its a managed service or not. I would advise you check out the doc here: https://docs.splunk.com/Documentation/Splunk/8.0.4/Data/UsetheHTTPEventCollector for more information

Splunk Cloud Azure

HTTP Event Collector

Fastest way to demo Observability

September Community Champions: A Shoutout to Our Contributors!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

Are you a member of the Splunk Community?

Splunk Cloud Azure

HTTP Event Collector

Fastest way to demo Observability

September Community Champions: A Shoutout to Our Contributors!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps