If you want to secure your HEC receivers in Edge Processor by using HEC tokens, configure your shared Edge Processor settings to turn on token authentication.

The following instructions mention only the settings that are related to HEC token authentication. For information about other shared Edge Processor settings, see Configure shared Edge Processor settings.

1. To secure the HEC receiver in your Edge Processors by requiring incoming HTTP requests to be authenticated using a HEC token, do the following:
   1. In the Token authentication section, select New token.
   2. In the Add HEC token section, enter your token value in the Token value field.
      Make sure to add the correct HEC token. If an invalid HEC token is used for token authentication, there could be possible data loss during the time of data ingestion. See Troubleshoot the Edge Processor solution for more information.
   3. (Optional) In the Source field enter a source value that you want to assign to the data that is received through this HEC token.
   4. (Optional) In the Source type field enter a sourcetype value that you want to assign to the data that is received through this HEC token.
2. Select Add.

When token authentication is turned on, data sources can only send data to the Edge Processor through HEC if the HTTP request includes a matching HEC token. The token authentication feature is activated when at least one HEC token is added. If you want to deactivate the token authentication feature, you must delete all added tokens. See How the Splunk platform uses HTTP Event Collector tokens to get data in in the Splunk Enterprise Getting Data In manual for more information.