Trying to get Fluentbit logs to send through HEC, ...

xRusty9 · ‎11-03-2022

Hi there, appreciate if anyone could help me with these query.

I am trying to pump local file to splunk using fluentbit. The Splunk is currently https and secure.

I kept encountering error message of unexpected EOF, I am not sure what have I done wrongly in the fluent-bit.config file.

This is the screenshot of the splunk's general settting

Below is the fluent-bit.config that I used with the fluent-bit.exe..

Spoiler

[INPUT]
Name tail
Tag taglog
Path C:\*.json

[OUTPUT]
Name splunk
Match *
Host localhost
Port 443
Splunk_Token <The HTTP Event Collector token generated in Splunk Web>
TLS On
TLS.Verify On
http_user <The username login to Splunk Web>
http_passwd <The password used to login to Splunk Web>
splunk_send_raw On

[INPUT]Name tailTag taglogPath C:\*.json[OUTPUT]Name splunkMatch *Host localhostPort 443Splunk_Token <The HTTP Event Collector token generated in Splunk Web>TLS OnTLS.Verify Onhttp_user <The username login to Splunk Web>http_passwd <The password used to login to Splunk Web>splunk_send_raw On

when i set the "TLS.Verify" to Off, it will have 303 http status code

Trying to get Fluentbit logs to send through HEC, but getting error?

configuration

splunk-assist

using Splunk Enterprise

Routing logs with Splunk OTel Collector for Kubernetes

Welcome to the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM