- Splunk Answers
- :
- Splunk Administration
- :
- Security
- :
- Re: Best way to connect to HEC with Java SDK
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Best way to connect to HEC with Java SDK
Question: What is the best way to connect to HEC with the Java SDK?
SDK JAR Version: 1.6.4.0
Currently, I am using the below code.
loginArgs.setToken("c0973521-5e90-4364-b551-cb7b1fcbfcf6");
loginArgs.setHost("https://hec.dev.splunk.domain.int:13510/services/collector/event");
loginArgs.setPort(13510);
HttpService.setSslSecurityProtocol(SSLSecurityProtocol.TLSv1_1);
Service service = Service.connect(loginArgs);
Which returns an error that the URI can't be null even though the host is being set, which leads me to believe that it's malformed.
java.lang.IllegalArgumentException: URI can't be null.
at sun.net.spi.DefaultProxySelector.select(DefaultProxySelector.java:148)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1150)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1050)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1334)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1309)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:259)
at com.splunk.HttpService.send(HttpService.java:445)
at com.splunk.Service.send(Service.java:1295)
at com.splunk.HttpService.post(HttpService.java:348)
at com.splunk.JobCollection.create(JobCollection.java:81)
at com.splunk.JobCollection.create(JobCollection.java:62)
at com.mastercard.salt.client.http.HECConnector.execute(HECConnector.java:73)
at com.mastercard.salt.client.http.SplunkHECTest.setup(SplunkHECTest.java:17)
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
From what I'm seeing the setHost() argument should be the hostname or IP address only. I'm attempting to use the SDK to connect to HEC for the first time, I'll report back my success.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I wound up just writing a wrapper for cURL by leveraging Java's ProcessBuilder. Running into a tricky error where the same command is being executed in Java and Shell with different results. So perhaps they aren't the same.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You're using curl rather than using an HttpClient in java? That seems crazy.
So to be clear, you never did find a way to use the actual Splunk sdk to connect to an HEC?
Announcing Scheduled Export GA for Dashboard Studio
Extending Observability Content to Splunk Cloud
More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!
