Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

unable to push waf logs through HEC- error says HEC is not reachable

rajiv_r
Explorer
‎09-22-2020 09:42 AM

I have a splunk trial version and i am trying pushing aws waf logs through HEC- I have enabled the token perfectly and also tried with several endpoints, but it dint worked. Most of the Splunk documents has a guide for splunk cloud instance on how to enable the endpoints but i could not find any documents which says how to configure the endpoints for splunk enterprise trial.

Meanwhile i tried with the all the three way of endpoints

<protocol>://<host>:<port>/<endpoint>
<protocol>://input-<host>:<port>/<endpoint>

 and

<protocol>://http-inputs-<host>:<port>/<endpoint>


 

Labels (1)
Labels
0 Karma
Reply

renjith_nair
Legend
‎09-23-2020 01:00 AM

are you trying to send data from AWS to your on premise enterprise instance?

Are you trying programmatically ? Whats the error ?

https://docs.splunk.com/Documentation/Splunk/8.0.6/Data/HECExamples

 

---
What goes around comes around. If it helps, hit it with Karma 🙂
0 Karma
Reply
Get Updates on the Splunk Community!

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...

Adoption of Infrastructure Monitoring at Splunk

  Splunk's Growth Engineering team showcases one of their first Splunk product adoption-Splunk Infrastructure ...

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...