I'm looking for the best way of sending data from Splunk to Kafka. The only way I found so far, is to set up a "middle" server, which receives data from the HF and acts like a producer for the Kafka. The middle server Requires maintenance, so I'm looking for a good solution without any other component except Splunk and Kafka.
Asked
Active
Viewed 1,016 times
4
-
I don't know if splunk heavy forwarder supports the Splunk Http Event Collector which is the interface allowing an app to log splunk. the forwarder may be using the same mechanism, which means you can replace this interface with SplunkHttpSourceConnector in order to log instead to kafka. you can check this link and see if you manage to use that configuration with splunk HF >> https://jcustenborder.github.io/kafka-connect-documentation/projects/kafka-connect-splunk/sources/SplunkHttpSourceConnector.html – Hichem BOUSSETTA Apr 09 '19 at 23:10