Access to the configuration of a group of one or more data forwarding destinations.
resource "splunk_outputs_tcp_group" "tcp_group" {
name = "tcp-group"
disabled = false
drop_events_on_queue_full = 60
send_cooked_data = true
max_queue_size = "100KB"
servers = ["1.1.1.1:1234", "2.2.2.2:1234"]
}
For latest resource argument reference: https://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESToutput#data.2Foutputs.2Ftcp.2Fgroup
This resource block supports the following arguments:
name
- (Required) The name of the group of receivers.disabled
- (Optional) If true, disables the group.compressed
- (Optional) If true, forwarder sends compressed data. If set to true, the receiver port must also have compression turned on.drop_events_on_queue_full
- (Optional) If set to a positive number, wait the specified number of seconds before throwing out all new events until the output queue has space. Defaults to -1 (do not drop events).
heartbeat_frequency
- (Optional) How often (in seconds) to send a heartbeat packet to the receiving server.
Heartbeats are only sent if sendCookedData=true. Defaults to 30 seconds.method
- (Optional) Valid values: (tcpout | syslog). Specifies the type of output processor.max_queue_size
- (Optional) Specify an integer or integer[KB|MB|GB].
send_cooked_data
- (Optional) If true, events are cooked (processed by Splunk software). If false, events are raw and untouched prior to sending. Defaults to true.
Set to false if you are sending to a third-party system.servers
- (Optional) Comma-separated list of servers to include in the group.token
- (Optional) Token value generated by the indexer after configuration.acl
- (Optional) The app/user context that is the namespace for the resourceIn addition to all arguments above, This resource block exports the following arguments:
id
- The ID of the http event collector resource