Connectors

Splunk

Setup New HTTP Event Collector Input in Splunk and Send Data

This document provides step-by-step instructions on how to add a new HTTP Event Collector (HEC) input in Splunk and how to send data to it using Postman.

Steps to Create HTTP Event Collector in Splunk

1. Log in to Splunk

  • Open your Splunk instance and log in with your credentials.

2. Navigate to Data Inputs

  • Click Settings in the menu bar.
  • From the dropdown menu, click on Data Inputs.

3. Add New HTTP Event Collector

  • In the Data Inputs page, click on HTTP Event Collector.

4. Configure HTTP Event Collector

  • In the Add Data page, provide a name for the data input.
  • Click the Next button.

5. Set Source Type and Index

  • For the Source type, select Automatic.
  • Select Index as main.
  • Click Review.

6. Submit and Copy Token

  • Click Submit.
  • You will see the token value. Copy and store this token safely.

Example token: fa07d36b-5435-4e44-a7cc-7756d6b03e022
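Before configuring the connector, you can confirm that the new input accepts data. The script below is an added example, not Bolster or Splunk code: it posts one JSON test event to the raw endpoint used in this guide, refuses non-HTTPS URLs, and prints only a redacted form of the token. The environment variable names SPLUNK_HEC_URL and SPLUNK_HEC_TOKEN and the host in the comments are assumptions.

```python
import json
import os
import ssl
import urllib.request
import uuid
from urllib.parse import urlsplit


def build_hec_request(base_url, token, event, channel=None):
    """Build a POST to the HEC raw endpoint used in this guide."""
    parts = urlsplit(base_url)
    # The token is a bearer credential: never send it over plain HTTP.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("HEC URL must be https://host:port")
    url = f"https://{parts.netloc}/services/collector/raw"
    headers = {
        # HEC authenticates with the token in this header, not in the URL.
        "Authorization": f"Splunk {token}",
        # Channel GUID: needed on the raw endpoint when indexer acknowledgment is on.
        "X-Splunk-Request-Channel": channel or str(uuid.uuid4()),
        "Content-Type": "application/json",
    }
    body = json.dumps(event).encode("utf-8")
    return urllib.request.Request(url, data=body, headers=headers, method="POST")


def redact(token):
    """Return a form of the token that is safe to print or log."""
    return token[:4] + "..." + token[-4:] if len(token) > 12 else "****"


def send_test_event(base_url, token, event):
    """Send one event with certificate verification on; return Splunk's JSON reply."""
    req = build_hec_request(base_url, token, event)
    ctx = ssl.create_default_context()  # verifies the server certificate
    with urllib.request.urlopen(req, context=ctx, timeout=10) as resp:
        return json.loads(resp.read().decode("utf-8"))


if __name__ == "__main__":
    # Assumed variable names; keep the token out of scripts and shell history.
    url = os.environ["SPLUNK_HEC_URL"]  # e.g. https://splunk.example.com:8088
    tok = os.environ["SPLUNK_HEC_TOKEN"]
    print("sending test event with token", redact(tok))
    print(send_test_event(url, tok, {"source": "hec-setup-check", "message": "test"}))
```

A working input replies with {"text": "Success", "code": 0}. If Splunk presents a certificate from a private CA, pass that CA file to ssl.create_default_context(cafile=...) rather than turning verification off.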

 

In the Platform (Bolster Platform):

1. Log in to the Platform

2. Navigate to Automation

3. Click the Integration tab, then go to Splunk Connector

4. Create New Connector:

  • In the New Splunk Connector popup, provide a name for the connector.

5. Input Splunk URL:

  • In the URL field, paste the URL: https://{yourUrl:8088}/services/collector/raw

6. Add Token Value:

  • In the Token Value field, paste the Splunk token {copied_token}.

7. Test and Save Connector:

  • Click on Test Connector to ensure everything is set up correctly.
  • Once the test is successful, click Save.

By following these steps, you can successfully set up a connection to send data from your platform to Splunk. This integration allows for automated data transfers and notifications directly within your Splunk environment.

Verify the data from the platform in Splunk

  1. Create an automation playbook in the platform by clicking on “NEW PLAYBOOK”.
  2. Provide all the necessary details in the form.
  3. Go to Define Connectors in the form.
  4. In Define Connectors, choose the connector created above.
  5. Run the playbook.
  6. Observe the result in Splunk.

NOTE – The Export Format on the playbook should always be JSON for this guide to work.