Prerequisites
Before configuring your Edge Processor to receive data through HEC, complete the following tasks:
- In the Edge Processor service, make sure that the shared Edge Processor settings specify an appropriate port for receiving HEC data. By default, port 8088 is used. To verify or change the designated port, navigate to the Edge Processors page and then select Shared settings. The port number is specified in the HTTP Event Collector section of the Edge Processor shared settings page. See Configure shared Edge Processor settings for more information.
- On the host machine of your Edge Processor, make sure that the port for receiving HEC data is available and your network policy allows that port to be opened.
- If the HTTP requests from your data source include a HEC token, turn off the Enable indexer acknowledgement setting on that token.
- If the HTTP requests from your data source include a HEC token and you want to use it for authorization, add that token in the HTTP Event Collector section of the Edge Processor shared settings page. See Configure HEC token authentication in the Edge Processor service and Authorization header in this topic for more information.
- To secure communications between your data source and your Edge Processor using TLS or mutually authenticated TLS (mTLS), which means that the data source and the Edge Processor must prove their identities by presenting valid TLS certificates before they can connect and communicate with each other, do the following:
- If you want to use mTLS then obtain the following certificates in Privacy Enhanced Mail (PEM) format:
- A client certificate, CA certificate, and private key that the data source can use to prove its identity.
- A server certificate, CA certificate, and private key that the Edge Processor can use to prove its identity.
- If you want to use TLS, then you must have the following certificates in PEM format:
- A server certificate, CA certificate, and private key that the Edge Processor can use to prove its identity.
These certificates can be self-signed or they can be signed by a third-party. See Obtain TLS certificates for data sources and Edge Processors for information on generating client and server certificates.
- If you want to use mTLS then obtain the following certificates in Privacy Enhanced Mail (PEM) format: