I installed Splunk 6.4.4 in my local host.
I am trying to use Splunk only for Data Push & Retrieval operation.
I have another application "X" (which generates data) and provided with Splunk extension with Service called "SendEvent", "Search".
When I try to use SendEvent service to push data to my local Splunk, it gives error as "Unable to invoke service".
"X" application uses SSL.
This means some local hosted Splunk security setting is blocking the request.
So could you please tell me how to decrease local security settings in order to receive data from another application?
Hello arajesh456,
Have you looked at HTTP Event Collector ?
Although the article talks about Splunk Enterprise, it works perfectly fine with Splunk Light as well.
Also, other ways of getting data from external applications are to setup a universal forwarder on the host where application is potentially writing logs (if that's the case), and having forwarder monitor the folder where log files are and forward it to Splunk Light instance. You can read information about it here.
-Dhananjay
Hi @arajesh456
Did you mean to put Splunk "4.4"? What version are you referring to exactly?
How Splunk can be integrated with other application to store data & query data?
can Splunk instance be reachable through : Server Name, Port, authenticated Admin user name, password and provide method to push data? through Http / SSL.
and also if anyone can help here to provide the name of Method/Functionality to push data to Splunk instance from outside apps? is it "Add Data"?
Thanks.
Sorry... I am using Splunk 6.4.4