Hi,
I am trying out a scenario where I need to connect to Splunk Cloud using MuleSoft ESB. I have registered to Splunk Cloud and I am provided with the host (xxxxxxxxx.cloud.splunk.com). But via MuleSoft I am not able to connect. I could not even ping or telnet the host. I am also not aware of the port. I have tried these combination of ports (9997, 8089, 1024, 443, 8000). But none are reachable.
Could anyone help me on this.
Thanks,
Amala
First, I have edited your question to remove the actual host name from the post. You really shouldn't expose that information to the general public.
Second, to connect to a Splunk Cloud server, you also need the right certificates and authentication. My guess is that this is the problem.
For a forwarder, there is a special app that provides the authentication that you need. I am not familiar with the Mulesoft ESB, but another alternative is to use the HTTP Event Collector (HEC). In order to use the HEC, you need a security token that must be provided with each event that is submitted.
You will need to get the special app or the security token from your admin team. File a ticket with them.
Hi,
I tried using HEC and configured log4j as mentioned below in Mule. Im getting connection timed out error.
<Http name="Splunk"
url="https://*****.com:8088/services/collector/raw">
<Property name="Authorization" value="*****" />
<PatternLayout pattern="%-5p %d [%t] %X{correlationId}%c: %m%n" />
</Http>
2019-05-31 20:37:13,484 Log4j2-TF-7-AsyncLoggerConfig--4 ERROR Unable to send HTTP in appender [Splunk] java.net.ConnectException: Connection timed out: connect
Any idea.