All Apps and Add-ons

Is there a specific method to pull Oracle Cloud Platform logs into Splunk? Would this require using REST API's or the HTTP Event Collector?

Communicator

We have an on-premise, distributed deployment in a clustered Splunk environment (index and search head clustering). Is there a recommendation on how the Oracle cloud logs should be ingested into Splunk? Upon doing some reseach, I noticed that both Splunk HTTP Collector and REST API Modular Inputs were recommended, so I'm interested in knowing what the community's thoughts are.

New Member

Check out this post: Oracle Identity Cloud Service: Integrating with Splunk
https://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/idcs/idcs_splunk_obe/splunk.html#se...

It's focused on user login data, but does describe how to develop a custom application and ingest its events also.

If you're using the Oracle CASB Cloud Service for security monitoring, it's events may also be exported to Splunk.
Cloud > Cloud Platform > CASB Cloud Service > Exporting Risk Events to Splunk
https://docs.oracle.com/en/cloud/paas/casb-cloud/palug/exporting-risk-events-splunk.html#GUID-4A2052...

0 Karma

I would like to know the answer to this as well.

0 Karma

Builder

Ditto, wondering the same.

0 Karma

Engager

Hi adnankan5133 - did you get an answer to this? Interested in the same question.

0 Karma