KB 018 – Splunk Setting up HTTP EC
Splunk Setting up HTTP EC
Settings > Data inputs > HTTP Event Collector. Then click the Global Settings button in the upper-right corner. This will bring up the following configuration screen for EC:
Click the Enable button, and then click Save. You’ve just turned on HTTP Event
Collector.
Note: For Splunk Cloud, you can turn on HTTP Event Collector using these instructions if your account is self-service or a trial. Otherwise, file a request ticket with Splunk Support.
Now that EC is turned on, create a new HTTP Event Collector token. From the HTTP Event Collector page, click the New Token button.
The Select Source screen of the Add Data workflow appears. This is where you name and describe the EC input, specify (if you want) a source field name to give to all data accepted with
this input’s token, and optionally specify an output group (a named group of Splunk indexers).
34ACC472-B7D2-4279-8244-9369D05DB9A0