EDIT UPDATE 2024 Jun 4 - SSL VERIFY
Added this line to bottom of config for HEC as HEC stops working with version updates:
verify_ssl: False
EDIT: I FIXED IT - it was an SSL mismatch. I just had to add ‘ssl: true’ to the config below since I have SSL enabled for HEC on the Splunk side. This is awesome!! Now I can finally migrate everything else from SmartThings to HASS. I was holding out because I have visuals and alerts in Splunk to monitor home pump activity over time, which the HASS dashboard can’t do since it cannot trigger events based on historical calculations.
ORIG POST:
Hi, I’m new here, not sure where to post this, didn’t find anything using a search here or in Google.
I configured my Hass OS on a Pi to send HEC tokens to my Splunk server on the same LAN network, using the stanza below in configuration.yaml and restarted.
I don’t see any HEC coming into Splunk, even with the firewall disabled and getenforce off (on Splunk server).
I first tried syslog, but apparently there is no way to get that running on the Hass OS that I can see.
### MY HEC to Splunk entry with SSL enabled
### Only set SSL false if internal device and you cannot use or generate a valid SSL cert, it's not secure to use self signed and/or disable SSL verification
splunk:
token: f49bla-bla-bla-bla
host: 192.168.7.101
port: 8088
ssl: true
verify_ssl: False
Thanks in advance!