We are running Splunk Cloud, and the Cloud operations team created a HTTP Event Collector with a new token. On the Meraki dashboard, I enter the URL from Splunk Cloud (https://http-inputs-oxfordinc.splunkcloud.com/services/collector/event) and I enter the HEC "token" as the Meraki secret. It won't validate, giving a response other than 200 message.
My guess is this is an issue that the Meraki "secret" and "validator" are not tied to the HEC token in any way, but I can't find any details on how this is supposed to be accomplished. Any help is appreciated.
... View more