Send data to Splunk Cloud Platform with ITE Work data collection agents
You have to specify a particular hostname and HTTP Event Collect (HEC) port when you configure data collection agents to send data to Splunk Cloud Platform.
When you deploy a universal forwarder to send data to Splunk Cloud Platform, confirm that you already configured credentials for the universal forwarder. For more information, see Configure a universal forwarder to send data to ITE Work in Splunk Cloud Platform.
Use Splunk Web to configure data collection
If you're using the Data Integrations page in ITE Work, use these field value pairs, when required, so the data collection agents ITE Work configures can send data to Splunk Cloud Platform:
Field | Value |
---|---|
Monitoring Machine | http-inputs-<cloud_hostname>.splunkcloud.com |
HEC port | 443 |
Configure the universal forwarder for Splunk Cloud Platform
You need to install the Forwarder app on Splunk Cloud Platform to install the universal forwarder. A universal forwarder require a hostname and receiver port. For more information, see Use forwarders to get data in to Splunk Cloud in the Splunk Cloud Getting Data in Manual.
Manually configure collectd to collect data
You have to specify server and port for Splunk Cloud Platform in the write_splunk
collectd plug-in in collectd.conf. Collectd requires a hostname and HEC port. The plug-in looks like this for Splunk Cloud Platform:
<Plugin write_splunk> server "http-inputs-<cloud_hostname>.splunkcloud.com" port "443" token "<HEC TOKEN>" ssl true verifyssl false Dimension "entity_type:nix_host" Dimension "key2:value2" </Plugin>
Configure a universal forwarder to send data to ITE Work in Splunk Cloud Platform | CreateContentPacks |
This documentation applies to the following versions of Splunk® IT Essentials Work: 4.9.0, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 4.9.6, 4.10.0 Cloud only, 4.10.1 Cloud only, 4.10.2 Cloud only, 4.10.3 Cloud only, 4.10.4 Cloud only, 4.11.0, 4.11.1, 4.11.2, 4.11.3, 4.11.4, 4.11.6, 4.12.0 Cloud only, 4.12.2 Cloud only, 4.13.0, 4.13.1, 4.13.2, 4.13.3, 4.14.0 Cloud only, 4.14.1 Cloud only, 4.14.2 Cloud only, 4.15.0, 4.15.1, 4.15.2, 4.15.3, 4.16.0 Cloud only, 4.17.0, 4.17.1
Feedback submitted, thanks!