Hi,

In the example below, I clearly understand that the "hello world" will be updated in a Splunk event:

{
    "time": 1426279439, // epoch time
    "host": "localhost",
    "source": "random-data-generator",
    "sourcetype": "my_sample_data",
    "index": "main",
    "event": "Hello world!"
}

curl -H "Authorization: Splunk 12345678-1234-1234-1234-1234567890AB" https://localhost:8088/services/collector/event -d '{"event":"hello world"}'

Now imagine that my JSON file contains many items like below:

{
    "time": 1426279439, // epoch time
    "host": "localhost",
    "source": "random-data-generator",
    "sourcetype": "my_sample_data",
    "index": "main",
    "event": "Hello world!"
}
{
    "time": 1426279538, // epoch time
    "host": "localhost",
    "source": "random-data-generator",
    "sourcetype": "my_sample_data",
    "index": "main",
    "event": "Hello eveybody!"
}

Should the curl command to use be like this?

curl -H "Authorization: Splunk 12345678-1234-1234-1234-1234567890AB" https://localhost:8088/services/collector/event -d '{"event":}'

Last question: instead of using a prompt command to send the JSON logs in Splunk, is it possible to use a JSON script to do that? Or something else? Does anybody have good examples of that?

Thanks
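Added example (not part of the original post and not Splunk's own code): the HTTP Event Collector accepts several event objects placed one after another in a single request body, so a file like the one in the question can be sent by a short script instead of one curl call per event. The function names, the `max_bytes` cap and the sample data are assumptions made for this sketch, and the input is assumed to be plain JSON without the `// epoch time` comments.

```python
import json
import ssl
import urllib.request

# Constructed sample: two HEC event objects back to back (plain JSON, no // comments).
SAMPLE = (
    '{"time": 1426279439, "host": "localhost", "sourcetype": "my_sample_data", '
    '"index": "main", "event": "Hello world!"}\n'
    '{"time": 1426279538, "host": "localhost", "sourcetype": "my_sample_data", '
    '"index": "main", "event": "Hello everybody!"}\n'
)

def iter_events(text):
    """Yield each top-level JSON object from a string of concatenated objects."""
    decoder, pos = json.JSONDecoder(), 0
    while True:
        while pos < len(text) and text[pos].isspace():
            pos += 1  # raw_decode does not skip leading whitespace
        if pos >= len(text):
            return
        obj, pos = decoder.raw_decode(text, pos)
        if not isinstance(obj, dict) or "event" not in obj:
            raise ValueError("each item must be an object with an 'event' key")
        yield obj

def build_batches(events, max_bytes=512 * 1024):
    """Pack events into request bodies; max_bytes is an arbitrary cap for this example."""
    batches, current, size = [], [], 0
    for ev in events:
        line = json.dumps(ev, separators=(",", ":")).encode("utf-8")
        if current and size + len(line) > max_bytes:
            batches.append(b"\n".join(current))
            current, size = [], 0
        current.append(line)
        size += len(line) + 1
    if current:
        batches.append(b"\n".join(current))
    return batches

def build_request(url, token, body):
    headers = {"Authorization": f"Splunk {token}", "Content-Type": "application/json"}
    return urllib.request.Request(url, data=body, headers=headers, method="POST")

def send_file(path, url, token, ca_file=None):
    """POST every batch over TLS; certificate verification stays on (ca_file for a private CA)."""
    ctx = ssl.create_default_context(cafile=ca_file)
    with open(path, encoding="utf-8") as fh:
        for body in build_batches(iter_events(fh.read())):
            with urllib.request.urlopen(build_request(url, token, body), context=ctx, timeout=10) as resp:
                resp.read()

if __name__ == "__main__":
    print(len(build_batches(iter_events(SAMPLE))), "request body built from SAMPLE")
```

Pass the token to `send_file` from an environment variable or a secrets store rather than hard-coding it, since an HEC token is a write credential for the index.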