Configuring an HTTP Event Collector

Another versatile and highly scalable way of getting data into Splunk is the HTTP Event Collector (HEC), which listens for HTTP requests containing JSON objects. HEC can collect data at extremely high volumes from many devices and data sources, all on a single port. Another useful feature of HEC is that the host, index, source, and sourcetype associated with a given data source can be specified within the JSON object of each received event.

The HTTP Event Collector uses a token-based authentication model: you configure a new token in Splunk and give that token to your application developers, who then include it in each event sent to Splunk.
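The following added example (not code from the book) builds a batched HEC request in Python without sending it, showing per-event `host`, `index`, `source`, and `sourcetype` metadata and the token carried in the `Authorization: Splunk <token>` header. The host name, token, index names, and sourcetypes are constructed placeholders; the URL assumes HEC's default port 8088 and the `/services/collector/event` endpoint.

```python
import json
import urllib.request

# Assumed values: hypothetical host, HEC default port 8088, JSON event endpoint.
HEC_URL = "https://splunk.example.com:8088/services/collector/event"

def hec_event(event, *, host=None, index=None, source=None, sourcetype=None, time=None):
    """Wrap one event in the HEC JSON envelope with optional per-event metadata."""
    envelope = {"event": event}
    meta = {"host": host, "index": index, "source": source,
            "sourcetype": sourcetype, "time": time}
    envelope.update({k: v for k, v in meta.items() if v is not None})
    return envelope

def build_hec_request(token, envelopes, url=HEC_URL):
    """Build (but do not send) one POST carrying a batch of events."""
    if not url.lower().startswith("https://"):
        raise ValueError("refusing to send the HEC token over plain HTTP")
    # A HEC batch is JSON objects written one after another, not a JSON array.
    body = "".join(json.dumps(e, separators=(",", ":")) for e in envelopes).encode()
    headers = {"Authorization": f"Splunk {token}", "Content-Type": "application/json"}
    return urllib.request.Request(url, data=body, method="POST", headers=headers)

def split_batch(body):
    """Decode a batched body back into envelopes, as a receiver would."""
    decoder, text, pos, out = json.JSONDecoder(), body.decode(), 0, []
    while pos < len(text):
        obj, pos = decoder.raw_decode(text, pos)
        out.append(obj)
    return out

# Constructed sample data; the token is a placeholder, not a real credential.
SAMPLE_TOKEN = "00000000-0000-0000-0000-000000000000"
SAMPLE_EVENTS = [
    hec_event({"action": "login", "user": "alice", "result": "failure"},
              host="web01", index="security", source="auth-service",
              sourcetype="app:auth"),
    hec_event("disk usage at 91%", host="db02", index="infra",
              sourcetype="app:metrics", time=1700000000),
]

if __name__ == "__main__":
    req = build_hec_request(SAMPLE_TOKEN, SAMPLE_EVENTS)
    print(req.get_method(), req.full_url)
    print(req.data.decode())
```

In a real sender, load the token from a secret store or environment variable rather than source code, and keep TLS certificate verification enabled so the token is only presented to the intended Splunk endpoint.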
