Splunk HTTP Event Collector (HEC) Destination

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Use Observability Pipelines’ Splunk HTTP Event Collector (HEC) destination to send logs to Splunk HEC.

Setup

Set up the Splunk HEC destination and its environment variables when you set up a pipeline. The information below is configured in the pipelines UI.

Set up the destination

  • Splunk HEC 주소:
    • 관측 가능성 파이프라인 Worker가 로그를 수신하기 위해 수신 대기하는 바인딩 주소는 원래 Splunk 인덱서용입니다. 예: 0.0.0.0:8088 참고: /services/collector/event는 엔드포인트에 자동으로 추가됩니다.
    • 환경 변수 DD_OP_SOURCE_SPLUNK_HEC_ADDRESS에 저장됩니다.

Set the environment variables

  • Splunk HEC token:
    • The Splunk HEC token for the Splunk indexer.
    • Stored in the environment variable DD_OP_DESTINATION_SPLUNK_HEC_TOKEN.
  • Base URL of the Splunk instance:
    • The Splunk HTTP Event Collector endpoint your Observability Pipelines Worker sends processed logs to. For example, https://hec.splunkcloud.com:8088.
      Note: /services/collector/event path is automatically appended to the endpoint.
    • Stored in the environment variable DD_OP_DESTINATION_SPLUNK_HEC_ENDPOINT_URL.

How the destination works

Event batching

A batch of events is flushed when one of these parameters is met. See event batching for more information.

Max EventsMax BytesTimeout (seconds)
None1,000,0001