All Apps and Add-ons

Is there a specific method to pull Oracle Cloud Platform logs into Splunk? Would this require using REST API's or the HTTP Event Collector?

adnankhan5133
Communicator

We have an on-premise, distributed deployment in a clustered Splunk environment (index and search head clustering). Is there a recommendation on how the Oracle cloud logs should be ingested into Splunk? Upon doing some reseach, I noticed that both Splunk HTTP Collector and REST API Modular Inputs were recommended, so I'm interested in knowing what the community's thoughts are.

AlanHall
New Member

Check out this post: Oracle Identity Cloud Service: Integrating with Splunk
https://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/idcs/idcs_splunk_obe/splunk.html#se...

It's focused on user login data, but does describe how to develop a custom application and ingest its events also.

If you're using the Oracle CASB Cloud Service for security monitoring, it's events may also be exported to Splunk.
Cloud > Cloud Platform > CASB Cloud Service > Exporting Risk Events to Splunk
https://docs.oracle.com/en/cloud/paas/casb-cloud/palug/exporting-risk-events-splunk.html#GUID-4A2052...

0 Karma

criticalstartms
Explorer

I would like to know the answer to this as well.

0 Karma

paimonsoror
Builder

Ditto, wondering the same.

0 Karma

abev14
Engager

Hi adnankan5133 - did you get an answer to this? Interested in the same question.

0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud | Unified Identity - Now Available for Existing Splunk ...

Raise your hand if you’ve already forgotten your username or password when logging into an account. (We can’t ...

Index This | How many sides does a circle have?

February 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

Registration for Splunk University is Now Open!

Are you ready for an adventure in learning?   Brace yourselves because Splunk University is back, and it's ...