I am attempting to create Splunk logs using a REST Post snap. I am successful when using a curl command, however, I want to transpose this into a Snaplogic solution. When I try to use Postman, I get the same error that I get with Snaplogic. Please help.

image1231×74 13.8 KB

image1471×608 47.6 KB

image1463×587 51.8 KB

image1560×513 117 KB

image815×620 63.6 KB

@alex.panganiban.guild Try to paste same payload which is working fine in curl. Sometimes Splunk api designed to accepts specific attributes (like event/sourectype) as payload. I have faced same kind of issue and then resolve this way. All info dumps on one attributes.

That’s the perfect solution!! Thank you! Because this is my first time working with Splunk, I was thinking that “event” was just another arbitrary element, however, Splunk is expecting “event” as a required key element. Once I discovered that “event” was an actual key element, I coded the HTTP Entity like this, and it worked perfectly. Thanks again for the support and great assist!