Getting Data In

Is there a way to validate the URI for HTTP Event Collector?

gauravmishra15
Path Finder

I am trying to leverage Powershell to POST the event in form of JSON. The Invoke-WebRequest does not work well. Is there a way to validate the URI for HTTP Event Collector to rule out the possibility of a wrong URI?

$Token = "B50D09B4-HG24-8N52-JN38-8h8ASD789998"
$URL = "https://localhost:8088/services/collector"
$Headers = @{"Authorization"=("Splunk " + $Token)}
$Body = '{"event" : "Hello !"}' | ConvertTo-Json

$Result = Invoke-WebRequest -URI $URL -Headers $Headers -Body $Body -Method POST -ContentType "Application/JSON"
0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

What error do you get? Are you including $Token in the request?

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway
SplunkTrust
SplunkTrust

What error do you get? Are you including $Token in the request?

---
If this reply helps you, Karma would be appreciated.

gauravmishra15
Path Finder

Great question! I've added Token as a session variable in my Invoke-WebRequest command, it is working now!

Here is the command for viewers' reference:

$Result = Invoke-WebRequest -URI $URL -Headers $Headers -Body $Body -Method POST -ContentType "Application/JSON" -SessionVariable "$Token"

Thank you Rich!

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...