Configure and Deploy via HEC¶
To avoid losing data, the Splunk HTTP Event Collector (HEC) shall be already configured and ready to receive data.
Set the Environment Variables¶
Clone the repository and execute:
$~ cd examples/hec
$~ cp .env-example .env
# Add your values to the required variables
$~ vi .env
# Load the environment variables
$~ source .env
Configure the Deployment¶
Edit examples/hec/main.tf as explained below
module "main" {
source = "../.."
<!-- Set the AWS Account Region field to match your region -->
aws_account_region = "eu-west-2"
<!-- Set S3 bucket name. Must be unique within the specified AWS region. -->
s3_bucket_name = "test-bucket"
<!-- Set your Splunk URL -->
splunk_url = "https://http-inputs-mydomain.splunkcloud.com:443"
<!-- Set your Splunk HEC -->
splunk_hec = "B5A79AAD-D822-46CC-80D1-819F80D7BFB0"
}
Usage¶
# Initialize the terraform providers
$~ terraform init
# Preview the changes that terraform plans to make to your infrastructure
$~ terraform plan
# Deploy (--auto-approve to avoid being prompted to confirm the changes)
$~ terraform apply