Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
91 results
Sorted by:
11-30-2020
10:06 AM
On a Linux host I am testing our HEC Indexer Acknowledgement setup on our heavy forwarder and following the documentation example but I keep running into "invalid data format" errors. I am r...
Labels
- Labels:
-
HTTP Event Collector
06-24-2019
11:51 PM
Hi Experts,
I configured HEC input, after that I run curl command using that token, it returns {"text":"Success","code":0} .
But no event comes into my INDEX.
Any suggestions on how to p...
04-27-2017
05:59 PM
Hello fellow Splunkers,
I need some help with HEC (HTTP Event Collector). The problem is that no events are appearing in any indexes. To simplify the issue I set up a test HEC config without SSL (http...
01-08-2019
01:37 PM
As I want to use the same HTTP event collector (HEC) token, can i add the new index=X and remove old index=Y? But, I don't want to lose the events on old index=Y. So, if i do that, the events on Index...
05-03-2019
07:46 AM
We think that the HTTP Event Collector reaches directly the indexing queue when using the event end point. Meaning the props.conf that we place are being ignored. Is this right?
- Tags:
- http-event-collector
10-01-2015
12:08 PM
1 Karma
I have three stand alone indexers in a round robin and want them to accept HTTP events via the HTTP Event Collector. How do I generate a token with the same value on all three?
08-09-2016
10:18 AM
Hello,
We have a Splunk Enterprise environment that has separate tiers that are clustered; Search Heads and Indexers. Where/which tier do I enable HEC on and create tokens? Search Heads or Indexer...
04-10-2016
11:58 PM
7 Karma
Hi,
I just downloaded and installed Splunk Light on-prem and I'm trying to use HTTP Event Collector walk-through ( http://dev.splunk.com/view/event-collector/SP-CAAAE7F) with postman/curl. I t...
Labels
- Labels:
-
other
02-25-2019
09:40 AM
...nybody else has had this issue with the HTTP Event Collector? Is there a more efficient way of indexing data so this doesn't happen? Is a TCP socket faster than the HEC?
I am currently waiting f...
09-11-2019
01:11 PM
I have an application which send event to HTTP event collector and writes a backup log to disk.
Can I somehow configure Splunk to index a log file, incase HTTP endpoint will be unavailable?
H...
