We will examine the integration logs and further instruct you. Please contact our support team indicating the error. Please try again later.Įdit the token at the Splunk Platform and make sure to untick Indexer Acknowledgement. 503 Service Unavailable Server is busy There are too many requests pending in the Splunk server queue. Invalid token Please make sure you entered a valid token.ĥ00 Internal Error Internal server error Please contact our support team indication the error. 401 Unauthorized Invalid authorization Please make sure you entered a valid token. The following status codes have particular meaning for all HTTP Event Collector endpoints: HTTP status code ID HTTP status code Status message Action requiredĢ00 OK Success None 403 Forbidden Token disabled Enable token at Splunk Web. Authentication token : Enter the token you generated at Splunk.ģ.Verify Server SSL Certificate (HTTPS only): If you are using a self-signed certificate disable SSL verification, however, if you are using a CA-signed certificate make sure to enable it. Protocol : HTTP for a free trial and HTTPS for paid.HEC port : 8088 for Splunk Cloud free trial and 443 for Splunk Cloud paid.HEC Host : Enter an appropriate value according to your Splunk tier (replace with your Splunk server hostname).Log in to your Perimeter 81 Management Platform, and navigate to Settings, and select Add at the Splunk row.You need to configure the integration from the Perimeter 81 side. Confirm that all settings for the endpoint are what you want.Make sure indexer acknowledgment is disabled for this token. The Splunk App for Infrastructure integration was removed from ITSI in versions 4.9.x and higher.In the Name field, enter a name for the token.To have HEC listen and communicate over HTTPS rather than HTTP, click the Enable SSL checkbox (This is enabled by default in Splunk Cloud and can be disabled in Splunk Enterprise only).In the All Tokens toggle button, select Enabled.Enabling an HTTP Event CollectorĪccording to official Splunk documentation, Managed Splunk Cloud customers may need to contact Splunk support to perform this step. You do not need to include Splunk credentials in your app or supported files. This process eliminates the need for a Splunk forwarder when you send application events.Īfter you enable HEC, you can use HEC tokens in your app to send data to HEC. You can generate a token and then configure a logging library or HTTP client with the token to send data to HEC in a specific format. HEC uses a token-based authentication model. As the name suggests Splunk cloud is hosted on a cloud server which is maintained by Splunk where in Splunk enterprise is maintenaned in your data center. The HTTP Event Collector (HEC) lets you send data and application events to a Splunk deployment over the HTTP and Secure HTTP (HTTPS) protocols. Handling possible error codes Setting up the Splunk Event Collector. You can configure Splunk Cloud to have full visibility of your Perimeter 81 activities. Splunk collects data from websites, applications, sensors, devices, and so on. It is a software product that enables you to search, analyze, and view the data gathered from the components of your IT infrastructure or business. If you need training on the Splunk platform and IT Service Intelligence, see Splunk Training and Certification.This article describes how to configure Splunk Cloud. This manual is written for a user capable of installing, configuring, and administering Splunk software.
0 Comments
Leave a Reply. |