433 was a typo, thanks. After changing with the hyphen it is still complaining about the url formation

Url format should match PROTOCOL://HOST:PORT]

When following the Splunk docs does it matter if we are on Splunk Cloud Platform or Splunk Enterprise? From the docs it seems the format is a bit different.

yes the format of the url changes on where you are sending the data either to splunk enterprise or splunk cloud.

Currently I am using splunk cloud and we curl from our sources using the below format.

curl -H "Authorization: Splunk <enter hec token>" https://http-inputs-stackname.splunkcloud.com/services/collector/event -d '{"sourcetype": "test", "index": "test", "event": {"message": "Hello world!"}}'

Hope this helps.

@Roy_9 , ty for reply, i appreciate.

I am seeing something different

I am on splunk cloud not on enterprise my token is e6a0b67b-e6d0-418f-a2cd-4493804c7c92

I only get a success with the following

curl -k -H "Authorization: Splunk e6a0b67b-e6d0-418f-a2cd-4493804c7c92" https://prd-p-gap0o.splunkcloud.com:8088/services/collector/event -d '{"sourcetype": "test", "index": "test", "event": {"message": "Hello world!"}}'

#i added -k to allow insecure connection but it does recognize the uri

When i try with http-inputs- it fails

Note: I am on a trial account by the way.

Ok @danylan got it, i remember there will be slight change in url for self service and managed service cloud, please have a look at the documentation.

Not sure about the below error, may be you need to open a fw connection from your machine to https://http-inputs-hostname.splunkcloud.com

If it is resolved, please accept the solution and appreciate you giving karma point.

Thanks