Solved: Re: Enable http event collector

eltnegcoinprofi · ‎06-14-2020

How can I use the HTTP event collector in Splunk cloud 15 days trial? Also, will my instance be disabled after the trial?

I followed the instructions here but I got {"text": "Data channel is missing", "code":10} and Could not resolve host: when I tried the URLs `https://http-inputs-prd-p-xxxxx.splunkcloud.com:443/services/collector/event` and https://prd-p-xxxxx.splunkcloud.com:8088/services/collector/event respectively.

livehybrid · ‎06-14-2020

The first request sounds almost right, but the token has Acknowledgement turned on so need to either turn that off or add a request channel (In curl this would be something like

-H "X-Splunk-Request-Channel: FE0ECFAD-13D5-401B-847D-77883AD77131"

View solution in original post

livehybrid · ‎06-14-2020

The first request sounds almost right, but the token has Acknowledgement turned on so need to either turn that off or add a request channel (In curl this would be something like

-H "X-Splunk-Request-Channel: FE0ECFAD-13D5-401B-847D-77883AD77131"

eltnegcoinprofi · ‎06-14-2020

Thanks. Logging now works as expected. What happens when my trial period elapses? Does my instance get erased or will I have reduced logging functionalities?

livehybrid · ‎06-14-2020

Unfortunately I think you will lose access to it. It may be worth speaking to the sales team to see if it can be extended?

Glad its working!

eltnegcoinprofi · ‎06-14-2020

Thanks.🙂

Enable http event collector

using Splunk Cloud

Developer Spotlight with Brett Adams

Index This | What can you do to make 55,555 equal 500?

Say goodbye to manually analyzing phishing and malware threats with Splunk Attack ...