Splunk Logging Using REST Post

Question

I am attempting to create Splunk logs using a REST Post snap. I am successful when using a curl command, however, I want to transpose this into a Snaplogic solution. When I try to use Postman, I get the same error that I get with Snaplogic. Please help.

alex_panganiban · Answer

That’s the perfect solution!!  Thank you! Because this is my first time working with Splunk, I was thinking that “event” was just another arbitrary element, however, Splunk is expecting “event” as a required key element. Once I discovered that “event” was an actual key element, I coded the HTTP Entity like this, and it worked perfectly.  Thanks again for the support and great assist!

supratim · Answer

@alex.panganiban.guild Try to paste same payload which is working fine in curl. Sometimes Splunk api designed to accepts specific attributes (like event/sourectype) as payload. I have faced same kind of issue and then resolve this way. All info dumps on one attributes.

Forum Discussion

Splunk Logging Using REST Post

Recent Discussions

Javascript to promote top level lists

Google Sheets Subscribe questions

Basic string transformations not working

Can we generate XML file in pretty print format using native snapLogic snaps?

Multipart Reader failure - 'content-type' was not found