Stream logs to Splunk
DataStream supports sending uncompressed logs to Splunk. Splunk is an interface that lets you search, monitor, and analyze your data.
Before you begin
- To use Splunk as a destination for your logs, you need to set up an HTTP Event Collector (HEC) instance, create a token, and enable it. Set up an HEC instance that matches the type of Splunk software you use. See Set up and use HTTP Event Collector in Splunk Web.
- Make note of the HEC token that you enabled.
- Make note of the URL for your event collector. The URL structure depends on the type of your Splunk instance. See Send data to Event Collector.
- In Destination name, enter a human-readable description for the destination.
- In Destination type, select Sumo Logic.
- In Splunk cloud URL, enter the URL where you want to send your logs. For example, https://<splunk-host>:8088/services/collector/event/logs
- In Authorization Token, enter the HEC token for your event collector.
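Before you save the destination, you can check the URL and token you noted. The script below is an added example, not part of the DataStream or Splunk documentation. It relies on HEC tokens being GUIDs and on the `Authorization: Splunk <token>` header that HEC expects; the function names and the test event text are assumptions made for illustration.

```python
import json
import re
import sys
import urllib.request
from urllib.parse import urlsplit

# HEC tokens are GUIDs (8-4-4-4-12 hex digits).
GUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")


def check_hec_settings(url, token):
    """Return a list of problems with the URL and token (empty list = OK)."""
    problems = []
    parts = urlsplit(url)
    if parts.scheme != "https":
        problems.append("URL must use https so the token is not sent in cleartext")
    if not parts.hostname:
        problems.append("URL has no host")
    if not parts.path.startswith("/services/collector"):
        problems.append("path is not under /services/collector")
    if parts.username or parts.password:
        problems.append("URL must not embed credentials")
    if not GUID_RE.fullmatch(token):
        problems.append("token is not a GUID (stray whitespace or truncated copy?)")
    return problems


def build_test_request(url, token):
    """Build, without sending, a one-event POST in the form HEC expects."""
    body = json.dumps({"event": "datastream-preflight"})  # hypothetical event text
    return urllib.request.Request(
        url,
        data=body.encode(),
        method="POST",
        headers={"Authorization": "Splunk " + token,
                 "Content-Type": "application/json"},
    )


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: hec_preflight.py <collector-url> <hec-token>")
    url, token = sys.argv[1], sys.argv[2]
    issues = check_hec_settings(url, token)
    if issues:
        sys.exit("\n".join(issues))
    # Only reached when the static checks pass; sends a single test event.
    with urllib.request.urlopen(build_test_request(url, token), timeout=10) as resp:
        print(resp.status, resp.read().decode())
```

An HTTP 200 response means the collector accepted the event with that token; an HTTP error here points at the token or the HEC configuration rather than at DataStream.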