...o set the "time" as the actual event time:
Have tried with both "_json" and my own sourcetype but to no avail. Have tried with both EPOCH and time format as above.
My own sourcetype looks like t...
Hi , I am trying to configure HTTPeventcollectorfor log ingestion i have few questions ?
I am hosting HEC on my HF .
A user is running application on a application which is on Linux VM and t...
...f:
Httpeventcollector
Monitor local directories where apps are storing their logs in json format (large files)
I cannot use tcp because there is no .net core library for this purpose
Also, t...
Hello,
I have a source that creates raw XML event log data. I'd like to send this directly to the HTTPeventcollector in a raw format. I've viewed the available documentation here http://d...
I need to use the HTTP Even Collectorfor ingestion and it will be exposed to the web so I need to secure this communications. How do I secure the eventcollector port 8088 with an ssl certificate?
A properly formatted JSON string will escape the double quotes. However the HEC does not translate that accordingly.
e.g JSON message to HEC: {"event":"somefield=\"a value with spaces\""}
t...
I am trying to mask a password that is inside a log coming from HTTPEventCollector.
I configure my props.conf with the following
[api-core]
TRANSFORMS-anonymize = password-anonymizer
a...
According to the "FormateventsforHTTPEventCollector" document, I can send time , host , source , sourcetype and index .
I would like to send additional event metadata. Is this p...
...hat Splunk can format the data intelligently during indexing. *And it's a way to categorize your data, so that you can search it easily. *
We are inputting key/value pairs via HTTPEventCollector....