Can I disable token/security for the http event collector? We have an internal app which has a log via http option. But there is no option in the app to put a token. I am GUESSING it should work if we can disable the token.
The input is defined in an inputs.conf file. You might be able to remove the token from the inputs.conf file, but I doubt if that works (I suspect Splunk is checking, even if the token is an empty string). Feel free to try and let us know!
