Splunk Enterprise

HTTP event collector log troubleshooting

senthild
Explorer

we have a log ingestion from aws cloud env via HTTP event collector to splunk , one of the user reporting some of the logs which is missing in splunk is there any log file to validate this or if there is any connectivity drop in http to cloud apps how to validate this 

Labels (2)
0 Karma

inventsekar
SplunkTrust
SplunkTrust

Hi @senthild 

More details needed from your side.. 

from AWS Cloud to Splunk Cloud or Splunk Enterprise?

any recent changes to the HEC inputs? 

get details from the user that which timeframe or logs are missing exactly.. pls check these logs yourself..   (may times the developers simply "think" something is missing)

maybe, pls check these troubleshooting steps.. 

https://docs.splunk.com/Documentation/SplunkCloud/9.1.2308/Data/TroubleshootHTTPEventCollector

 

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
0 Karma
Get Updates on the Splunk Community!

Developer Spotlight with Brett Adams

In our third Spotlight feature, we're excited to shine a light on Brett—a Splunk consultant, innovative ...

Index This | What can you do to make 55,555 equal 500?

April 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Say goodbye to manually analyzing phishing and malware threats with Splunk Attack ...

In today’s evolving threat landscape, we understand you’re constantly bombarded with phishing and malware ...