Links

Forwarders

Apica provides multiple targets to connect with your desired destination to collect, optimize, store, route, and replay your observability data – whenever, wherever you need it.
Currently, Apica supports the below targets
Target
Type
Description
Syslog, TCP, CEF
Forward syslog frames over TCP
Syslog, TCP
Forward ArcSight CEF frames over TCP
DataDog
JSON
Batched JSON forward to DataDogDataDog
JSON
Batched JSON forward to Dynatrace
JSON
Send data to an Elastic index
TCP
Syslog forwarder for RSA Netwitness
TCP, CEF
Syslog CEF forwarder for RSA Netwitness
JSON
Batched JSON forward to NewRelic
Splunk HTTP Event Collector
JSON
Batched JSON forward to Splunk
Splunk Universal / Heavy Forwarder
Syslog, TCP
Syslog forwarder for Splunk
Splunk Universal CEF Forwarder
Syslog, TCP, CEF
Syslog CEF forwarder for Splunk
Splunk Universal Forwarder / Heavy Forwarder
S2S
Forward data to Apica in Cooked mode
S3 Compatible
AWS S3, CEPH, Minio, GCP Cloud Storage, OCI Buckets
Azure Blob Storage
Native support for Azure blob storage API's

Configuring a Forwarder

To configure a Forwarder navigate to the Forwarder page first and Select your preferred forwarder
Below, an example of configuring a Splunk HTTP Event Collector is shown
  1. 1.
    Creating an HTTP Event Collector Data Input key from Splunk
    • Navigate to your Splunk Environment
    • Locate the Settings menu
    • Locate the Data Inputs sub-menu
    • Click on the New Token option which is located on the top banner
    • Enter a Token name and skip to the last page and click Done
    • Use the generated HTTP Event Collector key in Apica
  2. 2.
    Creating a Splunk HTTP Event Collector on Apica
    • Navigate to the Creaet Forwarders page
    • Click on Forwarders
    • Click on the Splunk HTTP Event Collector
    Create Forwarder
  • Fill out all the below fields and click save
    • buffer_size: The Buffer size for logs
    • host: Splunk Endpoint
    • password: Data Input Key created in step 1
    • port: Splunk server receiving port (default 8088)
    • type: log format (default _json, or set to _metric to send to a metric index)
    • user: UI username of Splunk Endpoint
    • name: Name of the forwarder
That's it. You've successfully created the Splunk HTTP Event Collector forwarder. Now navigate to the Explore page and start doing Mapping or Replay operation.