Hi,
I am trying to redirect the logs generated by my java project to splunk. I am using below appenders to redirect the logs and created a HTTP Event token for the same. I am able to receive the simple message sent using curl as in splunk documentation for HEC. But not able to recieve the logs in splunk.
appender.mycomp.type = http
appender.mycomp.name = mycomp
appender.mycomp.url = http://localhost:8088/services/collector
appender.mycomp.token = 9548e361-xxxx-xxxx-xxxx-xxxxxxxxxxx
appender.mycomp.layout.type = PatternLayout
appender.mycomp.layout.pattern = %d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n
Any other configuration required to receive the logs in Splunk 8.x .
Please help
Thanks in advance
Event format is very important. you need to incorporate your event in event attribute below:
curl -k -H "Authorization: Splunk 12345678-1234-1234-1234-1234567890AB" https://mysplunkserver.example.com:8088/services/collector/event -d '{"sourcetype": "my_sample_data", "event": "http auth ftw!"}'