How can I get my edge nodes to send data to Cribl cloud so it can be seen in my end destination?
Best Answer
-
1/ When you have an edge client the processing and sending of the data is carried out by the edge client and not by the workers in Cribl Stream.
2/ As an example if you sending data to a Splunk HEC destination and you are using EC2 instances as your edge clients you will need to add an entry to permit a connection to http-inputs-<stackname>.splunkcloud.com in the outbound rules for the security groups of your EC2 instances being used as the edge clients. This will allow the data collected by the Edge to be sent to Splunk HEC.
3/ You also need to have the addresses of your Cribl cloud leader which can be found from the output of a nslookup from the URL <cribl cloud org>.cribl.cloud in your outbound rules for the security groups of your EC2 instances too as these are classed as managed edge nodes in the edge fleet. This allow edge node to leader communications.0
Answers
-
1/ When you have an edge client the processing and sending of the data is carried out by the edge client and not by the workers in Cribl Stream.
2/ As an example if you sending data to a Splunk HEC destination and you are using EC2 instances as your edge clients you will need to add an entry to permit a connection to http-inputs-<stackname>.splunkcloud.com in the outbound rules for the security groups of your EC2 instances being used as the edge clients. This will allow the data collected by the Edge to be sent to Splunk HEC.
3/ You also need to have the addresses of your Cribl cloud leader which can be found from the output of a nslookup from the URL <cribl cloud org>.cribl.cloud in your outbound rules for the security groups of your EC2 instances too as these are classed as managed edge nodes in the edge fleet. This allow edge node to leader communications.0