om_http bulk / batch output to Splunk
woodsb02 created
Hi everyone,
The user guide section for the om_http module explains:
Each event is transferred in a single POST request.
https://nxlog.co/documentation/nxlog-user-guide#om_http
When https is used, is the TLS handshake also performed for each event? This seems like it would be quite inefficient.
Are there any plans to support bulk / batch exporting of many events in a single http post, specifically for exporting data to the Splunk HEC?
rsyslog and syslog-ng support batch exporting events to Splunk using the external python script omsplunkhec.py, as explained here:
https://www.splunk.com/blog/2017/03/30/syslog-ng-and-hec-scalable-aggregated-data-collection-in-splunk.html
NXLog supports batch exporting events to Elasticsearch using their bulk API:
https://nxlog.co/documentation/nxlog-user-guide#om_elasticsearch
nxlog-ce om_http missing add_http_header() procedure
woodsb02 created
With reference to the following guide for sending NXLog output to Splunk using HEC:
https://nxlog.co/documentation/nxlog-user-guide#splunk-hec-collection
The NXLog community edition om_http is missing the add_http_header() procedure:
https://nxlog.co/docs/nxlog-ce/nxlog-reference-manual.html#om_http
This means it is not possible to output nxlog-ce data to http where a header needs to be added to the http post, such as the Splunk HEC:
https://docs.splunk.com/Documentation/Splunk/7.0.3/Data/HECWalkthrough
Is this functionality deliberately missing from the community edition, or can it please be added?
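What the two posts above ask for, sketched as an added example (not code from the posts, NXLog or Splunk): several events packed into one HEC POST body as back-to-back JSON objects, sent with the `Authorization: Splunk <token>` header over a single reused HTTPS connection. The host, token and 512 KiB batch cap are constructed placeholders and assumptions.

```python
import http.client
import json

HEC_HOST, HEC_PORT = "splunk.example.com", 8088      # constructed placeholder
HEC_PATH = "/services/collector/event"
HEC_TOKEN = "00000000-0000-0000-0000-000000000000"   # placeholder, not a real token

def hec_headers(token=HEC_TOKEN):
    # The header that the second post says cannot be set from nxlog-ce om_http.
    return {"Authorization": "Splunk " + token, "Content-Type": "application/json"}

def build_batches(events, max_bytes=512 * 1024):
    """Pack events into POST bodies of concatenated {"event": ...} objects.
    max_bytes is an assumed cap; an event larger than it gets its own batch."""
    batches, current, size = [], [], 0
    for ev in events:
        chunk = json.dumps({"event": ev}, separators=(",", ":")).encode("utf-8")
        if current and size + len(chunk) > max_bytes:
            batches.append(b"".join(current))
            current, size = [], 0
        current.append(chunk)
        size += len(chunk)
    if current:
        batches.append(b"".join(current))
    return batches

def split_batch(body):
    """Decode a batch body back into its events, to check the framing."""
    decoder, text, pos, events = json.JSONDecoder(), body.decode("utf-8"), 0, []
    while pos < len(text):
        obj, pos = decoder.raw_decode(text, pos)
        events.append(obj["event"])
    return events

def send_batches(batches, host=HEC_HOST, port=HEC_PORT):
    """POST every batch over one HTTPS connection, so the TLS handshake
    happens once per connection instead of once per event."""
    conn = http.client.HTTPSConnection(host, port, timeout=10)
    statuses = []
    try:
        for body in batches:
            conn.request("POST", HEC_PATH, body=body, headers=hec_headers())
            resp = conn.getresponse()
            resp.read()                      # drain so the connection is reusable
            statuses.append(resp.status)
    finally:
        conn.close()
    return statuses

# Constructed sample events; each serializes to 54 bytes.
SAMPLE_EVENTS = [{"host": "web01", "msg": f"constructed event {i}"} for i in range(5)]
```

`send_batches()` is defined but not called here; point it at a real HEC endpoint and token to use it.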