We have an on-premise, distributed deployment in a clustered Splunk environment (index and search head clustering). Is there a recommendation on how the Oracle cloud logs should be ingested into Splunk? Upon doing some reseach, I noticed that both Splunk HTTP Collector and REST API Modular Inputs were recommended, so I'm interested in knowing what the community's thoughts are.
Check out this post: Oracle Identity Cloud Service: Integrating with Splunk
https://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/idcs/idcs_splunk_obe/splunk.html#se...
It's focused on user login data, but does describe how to develop a custom application and ingest its events also.
If you're using the Oracle CASB Cloud Service for security monitoring, it's events may also be exported to Splunk.
Cloud > Cloud Platform > CASB Cloud Service > Exporting Risk Events to Splunk
https://docs.oracle.com/en/cloud/paas/casb-cloud/palug/exporting-risk-events-splunk.html#GUID-4A2052...
I would like to know the answer to this as well.
Ditto, wondering the same.
Hi adnankan5133 - did you get an answer to this? Interested in the same question.