Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to send aws eventbridge events to a specific index on splunk cloud

Pavan0411
New Member
‎02-14-2023 01:50 AM
We have been trying to ingest aws eventbridge events to splunk cloud using API destination partners provided by aws but when are trying to ingest the data using the url https://SPLUNK_HEC_ENDPOINT:optional_port/services/collector/raw. The data has been ingested to the index="main" index. but we need to ingest data to a different index can someone help how this can be performed
Labels (4)
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎02-14-2023 01:53 AM

Hi @Pavan0411,

which Add-on are you using for this?

If you're using Data Manager or Splunk Add-On for AWS Services, you can configure the destination index for each kind of data source.

Ciao.

Giuseppe

0 Karma
Reply

Pavan0411
New Member
‎02-14-2023 01:56 AM

Hi @gcusello 

we have been using Splunk Add-On for AWS Services can you please help how to configure the destination index for each kind of data source.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎02-14-2023 02:01 AM

Hi @Pavan0411,

using the Splunk Add-On for AWS services, in the inputs definition, you can set up the destination index of each input.

Ciao.

Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

Combine Multiline Logs into a Single Event with SOCK - a Guide for Advanced Users

This article is the continuation of the “Combine multiline logs into a single event with SOCK - a step-by-step ...

Everything Community at .conf24!

You may have seen mention of the .conf Community Zone 'round these parts and found yourself wondering what ...

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...