All Apps and Add-ons

Is there a specific method to pull Oracle Cloud Platform logs into Splunk? Would this require using REST API's or the HTTP Event Collector?

adnankhan5133
Communicator

We have an on-premise, distributed deployment in a clustered Splunk environment (index and search head clustering). Is there a recommendation on how the Oracle cloud logs should be ingested into Splunk? Upon doing some reseach, I noticed that both Splunk HTTP Collector and REST API Modular Inputs were recommended, so I'm interested in knowing what the community's thoughts are.

AlanHall
New Member

Check out this post: Oracle Identity Cloud Service: Integrating with Splunk
https://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/idcs/idcs_splunk_obe/splunk.html#se...

It's focused on user login data, but does describe how to develop a custom application and ingest its events also.

If you're using the Oracle CASB Cloud Service for security monitoring, it's events may also be exported to Splunk.
Cloud > Cloud Platform > CASB Cloud Service > Exporting Risk Events to Splunk
https://docs.oracle.com/en/cloud/paas/casb-cloud/palug/exporting-risk-events-splunk.html#GUID-4A2052...

0 Karma

criticalstartms
Explorer

I would like to know the answer to this as well.

0 Karma

paimonsoror
Builder

Ditto, wondering the same.

0 Karma

abev14
Engager

Hi adnankan5133 - did you get an answer to this? Interested in the same question.

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...