I am trying to test my Splunk HEC token by sending an event to my Splunk Cloud instance. How can I verify I have the right HEC host name?

10/1/2019

I am using the curl command to send an event to Splunk cloud, but I am getting timeout errors and host not found errors. I believe it is the host name that is the problem.

I have tried the "Server Name" from the About section on our Splunk cloud UI. I have also tried pinging this server name but that didn't work.

I have tried the same with the URL in my Splunk cloud UI browser, no response from that.

curl -v -k https://input-??????:8088/services/collector -H "Authorization: Splunk #######" -d '{"sourcetype": "_json", "event": "Hello, world!"}'

I expect to see something like {"text": "Success", "code": 0} and the event in my Splunk cloud UI.

-- Micky
fluentd
kubernetes
openshift
splunk

1 Answer

10/2/2019

If you can't ping the input instances of your Splunk Cloud instance, you most likely need to address this at a network level. Are there firewalls between your machine and Splunk Cloud? Are other log sources (on your machine, and on other machines) able to send data to the input instances?

-- Simon Duff
Source: StackOverflow
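An added example, not part of the original question or answer: a staged probe that reports whether a HEC host fails at DNS, TCP, TLS or HTTP, which separates the "host not found" and "timeout" cases described above. The function name `probe_hec` is hypothetical, port 8088 is taken from the curl command in the question, and it is assumed that the stack exposes Splunk's `/services/collector/health` endpoint.

```python
import socket
import ssl
import sys


def probe_hec(host, port=8088, timeout=5.0, verify_tls=True):
    """Return (stage, detail) for the first failing stage, or ("ok", status)."""
    # Stage 1: DNS. curl's "host not found" corresponds to a failure here.
    try:
        socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return ("dns", f"cannot resolve {host!r}: {exc}")
    # Stage 2: TCP. A timeout here usually means traffic is dropped in transit.
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return ("tcp", f"connect to port {port} timed out")
    except OSError as exc:
        return ("tcp", f"connect to port {port} failed: {exc}")
    # Stage 3: TLS, with certificate and hostname verification on by default.
    ctx = ssl.create_default_context()
    if not verify_tls:  # equivalent of curl -k; use only for diagnosis
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    try:
        tls = ctx.wrap_socket(sock, server_hostname=host)
    except (ssl.SSLError, OSError) as exc:
        sock.close()
        return ("tls", f"handshake failed: {exc}")
    # Stage 4: HTTP. Only the health endpoint is requested; no HEC token is sent.
    request = (f"GET /services/collector/health HTTP/1.1\r\n"
               f"Host: {host}:{port}\r\nConnection: close\r\n\r\n")
    try:
        with tls:
            tls.sendall(request.encode("ascii"))
            reply = tls.recv(4096)
    except OSError as exc:
        return ("http", f"no HTTP reply: {exc}")
    status_line = reply.split(b"\r\n", 1)[0].decode("latin-1")
    return ("ok" if " 200 " in status_line else "http", status_line)


if __name__ == "__main__":
    # Usage: python probe_hec.py <hec-hostname> [port]
    if len(sys.argv) < 2:
        sys.exit("usage: probe_hec.py <hec-hostname> [port]")
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 8088
    print(probe_hec(sys.argv[1], port))
```

A `dns` result points at the host name itself, while `tcp` points at the network path (firewalls, allow lists) that the answer asks about; a `tls` result with verification on means the name resolved and connected but the certificate did not validate for it.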