Splunk Cloud Platform
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk HF to splunk cloud Outputs.conf file

sekhar463
Path Finder
‎04-16-2024 02:47 AM

i am using splunk cloud and design is UF > hf>splunk CLOUD 

in HF"S we have outputs file like below 

 

 

i have below splunk configuration in outputs.conf file in heavy forwarder
here sslPassword is same for all HF"S if i am using multiple heavy forwarders

root@hostname:/opt/splunk/etc/apps/100_stackname_splunkcloud/local # cat outputs.conf
[tcpout]
sslPassword = 27adhjwgde2y67dvff3tegd36scyctefd73******************
channelReapLowater = 10
channelTTL = 300000
dnsResolutionInterval = 300
negotiateNewProtocol = true
socksResolveDNS = false
useClientSSLCompression = true
negotiateProtocolLevel = 0
channelReapInterval = 60000
tcpSendBufSz = 5120000
useACK = false

[tcpout:splunkcloud]
useClientSSLCompression = true
maxQueueSize = 250MB
autoLBFrequency = 300

 

Labels (2)
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎04-17-2024 01:15 AM

Hi

you should use UF package which is loaded from your SCP stack. Just install it on all your UF+HF which are directly connected to your cloud stack and use its defaults to send into SCP. Don't mesh it!

r. Ismo

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎04-16-2024 06:14 PM

What is your question?

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

Good Sourcetype Naming

When it comes to getting data in, one of the earliest decisions made is what to use as a sourcetype. Often, ...

See your relevant APM services, dashboards, and alerts in one place with the updated ...

As a Splunk Observability user, you have a lot of data you have to manage, prioritize, and troubleshoot on a ...

Splunk App for Anomaly Detection End of Life Announcement

Q: What is happening to the Splunk App for Anomaly Detection?A: Splunk is officially announcing the ...