Forwarders

Apica provides multiple targets to connect with your desired destination to collect, optimize, store, route, and replay your observability data – whenever, wherever you need it.

Currently, Apica supports the below targets

Target
Type
Description

Syslog, TCP, CEF

Forward syslog frames over TCP

Syslog, TCP

Forward ArcSight CEF frames over TCP

JSON

Batched JSON forward to DataDogDataDog

JSON

Batched JSON forward to Dynatrace

JSON

Send data to an Elastic index

TCP

Syslog forwarder for RSA Netwitness

TCP, CEF

Syslog CEF forwarder for RSA Netwitness

JSON

Batched JSON forward to NewRelic

Splunk HTTP Event Collector

JSON

Batched JSON forward to Splunk

Splunk Universal / Heavy Forwarder

Syslog, TCP

Syslog forwarder for Splunk

Splunk Universal CEF Forwarder

Syslog, TCP, CEF

Syslog CEF forwarder for Splunk

Splunk Universal Forwarder / Heavy Forwarder

S2S

Forward data to Apica in Cooked mode

S3 Compatible

AWS S3, CEPH, Minio, GCP Cloud Storage, OCI Buckets

Azure Blob Storage

Native support for Azure blob storage API's

Configuring a Forwarder

To configure a Forwarder navigate to the Forwarder page first and Select your preferred forwarder

Below, an example of configuring a Splunk HTTP Event Collector is shown

  1. Creating an HTTP Event Collector Data Input key from Splunk

    • Navigate to your Splunk Environment

    • Locate the Settings menu

    • Locate the Data Inputs sub-menu

    • Click on the New Token option which is located on the top banner

    • Enter a Token name and skip to the last page and click Done

    • Use the generated HTTP Event Collector key in Apica

  2. Creating a Splunk HTTP Event Collector on Apica

    • Navigate to the Creaet Forwarders page

    • Click on Forwarders

    • Click on the Splunk HTTP Event Collector

  • Fill out all the below fields and click save

    • buffer_size: The Buffer size for logs

    • host: Splunk Endpoint

    • password: Data Input Key created in step 1

    • port: Splunk server receiving port (default 8088)

    • type: log format (default _json, or set to _metric to send to a metric index)

    • user: UI username of Splunk Endpoint

    • name: Name of the forwarder

That's it. You've successfully created the Splunk HTTP Event Collector forwarder. Now navigate to the Explore page and start doing Mapping or Replay operation.

Last updated