I am trying to get data from a Rest Site. Splunk 6.3 no longer has the modular input that handles it. I went through the documentation on http event collector, but I don't see how it can get data from a rest site. Does anyone know how to get data from a rest site?
Hi @hierros what do you mean by from a rest site? The HTTP Event Collector is not part of the REST Management endpoint, but it is an API that you can hit just the same.
What problem are you having?
Thanks
Hi @hierros,
As a general suggestion, here is some documentation on REST API input endpoints:
http://docs.splunk.com/Documentation/Splunk/6.3.0/RESTREF/RESTinput
What modular input were you using previously? We can discuss more specifics, if you don't find what you need in the above documentation.
All the best,
@frobinson_splunk
I am an intern at Kaiser and new to Splunk. I have never used modular input before. I was tasked with data intake from a Rest API and really looking for a solution. The document seem to be similar to how http event collector works. Do you know if http event collector can get data from a Rest API?
Hi @hierros,
I discussed your question with a colleague and you can use HTTP Event Collector to get data via REST. You'll want to make sure that the data coming from the endpoint is sent or repackaged in JSON format in order to use Event Collector. You might write a script that gets the data and packages it in JSON. As part of Event Collector, use a token and make sure your Splunk instance is listening on the Event Collector port, using that token.
Please refer to the HTTP Event Collector documentation for more details on getting started.
http://dev.splunk.com/view/event-collector/SP-CAAAE6M
I hope that this helps! Please let us know if not. It's also an option to contact support for more guidance.
All the best,
@frobinson_splunk