Kinesis Firehose: Receiving error message, unable ...

mycloudsplunk · ‎07-15-2019

Hi,
I'm ingesting Cloudwatch logs to Splunk cloud HEC using Kinesis firehose stream. But I'm getting the error as "Could not connect to the HEC endpoint. Make sure that the certificate and the host are valid." I referred following doc "https://docs.splunk.com/Documentation/AddOns/released/Firehose/RequestFirehose" in which they mentioned to "Submit a case on the Splunk Support Portal. In the case, ask Splunk Support to enable HTTP event collector and create or modify an elastic load balancer to use with this add-on.
Wait for Splunk Support to perform the necessary setup and confirm with you once the HTTP event collector is enabled and your elastic load balancer is ready for use. Splunk Support will confirm the URL that you should use for your HTTP event collector endpoint. It should match this format: https://http-inputs-firehose-.splunkcloud.com:443. "

But right now I'm using the trial version in which I don't have the privilege to open a support ticket and I want to test Firehose Integration with Splunk. Please help here.

mycloudsplunk · ‎07-15-2019

Hi @amiracle , Thanks for your reply. I didn't get your answer. Which team are you referring to in the sentence 'contact your team and they can help you validate it through a Splunk Cloud POC. '?

amiracle · ‎07-15-2019

You will not be able to send Kinesis Data Firehose to the trial Splunk Cloud instances. If you want to test this out, please contact your team and they can help you validate it through a Splunk Cloud POC.

amiracle · ‎07-15-2019

I’m sorry , I meant your Splunk Account Team.

Kinesis Firehose: Receiving error message, unable to open support ticket on free trial

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases