I set up an new Splunk Light account to test out the functionality of Splunk and would like to send data using the HTTP Event Collector.
According to the docs (http://dev.splunk.com/view/event-collector/SP-CAAAE7F), I am supposed to enable the HTTP Event Collector, which I have done:
and then create a token, which I have done:
But on the review page, there is not "Host" value. I assume the host is the same host that I am using the create the tokens, something like:
https://prd-p-2lsvqbvxyzzzzz.cloud.splunk.com
So according to the docs, I should be able to post data, but for some reason it times out:
curl -k https://prd-p-2lsvqbxyzzzzz.cloud.splunk.com:8088/serivces/collector -H "Authorization: Splunk my-secret-token" -d '{"sourcetype": "curl", "event":"Hello, World!"}'
curl: (7) Failed to connect to prd-p-2lsvqbxyzzzzz.cloud.splunk.com port 8088: Connection timed out
Any idea why it is failing? Do I have everything set up correctly?
Thanks!
Because you have misspelt the endpoint in the URL ( serivces/collector
) instead of ( services/collector
)
This is what you have:
https://prd-p-2lsvqbxyzzzzz.cloud.splunk.com:8088/serivces/collector
This is what it should be:
https://prd-p-2lsvqbxyzzzzz.cloud.splunk.com:8088/services/collector