Splunk Enterprise

How do I make a POST request to the HTTP Event collector using Splunk Light?

hashtagjohnt
New Member

I set up an new Splunk Light account to test out the functionality of Splunk and would like to send data using the HTTP Event Collector.

According to the docs (http://dev.splunk.com/view/event-collector/SP-CAAAE7F), I am supposed to enable the HTTP Event Collector, which I have done:

alt text

and then create a token, which I have done:

alt text

But on the review page, there is not "Host" value. I assume the host is the same host that I am using the create the tokens, something like:

https://prd-p-2lsvqbvxyzzzzz.cloud.splunk.com

So according to the docs, I should be able to post data, but for some reason it times out:

curl -k https://prd-p-2lsvqbxyzzzzz.cloud.splunk.com:8088/serivces/collector -H "Authorization: Splunk my-secret-token" -d '{"sourcetype": "curl", "event":"Hello, World!"}'

curl: (7) Failed to connect to prd-p-2lsvqbxyzzzzz.cloud.splunk.com port 8088: Connection timed out

Any idea why it is failing? Do I have everything set up correctly?

Thanks!

Labels (1)
Tags (1)
0 Karma

nmadhok
Path Finder

Because you have misspelt the endpoint in the URL ( serivces/collector) instead of ( services/collector)

This is what you have:

https://prd-p-2lsvqbxyzzzzz.cloud.splunk.com:8088/serivces/collector

This is what it should be:

https://prd-p-2lsvqbxyzzzzz.cloud.splunk.com:8088/services/collector
0 Karma
Take the 2021 Splunk Career Survey

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!