Splunk Logging Using REST Post

I am attempting to create Splunk logs using a REST Post snap. I am successful when using a curl command, however, I want to transpose this into a Snaplogic solution. When I try to use Postman, I get the same error that I get with Snaplogic. Please help.





1 Like

@alex.panganiban.guild Try to paste same payload which is working fine in curl. Sometimes Splunk api designed to accepts specific attributes (like event/sourectype) as payload. I have faced same kind of issue and then resolve this way. All info dumps on one attributes.

1 Like

That’s the perfect solution!! Thank you! Because this is my first time working with Splunk, I was thinking that “event” was just another arbitrary element, however, Splunk is expecting “event” as a required key element. Once I discovered that “event” was an actual key element, I coded the HTTP Entity like this, and it worked perfectly. Thanks again for the support and great assist!

image

2 Likes