Events within RSA enVision can output directly to a flat file by way of the “lsdata” command. Based on specific criteria passed with the lsdata command, events collected are presented in a syslog formatted log file.
Example: lsdata –events syslog –time start now >> log.unx
After that you can have these files be picked up by Splunk UF/HF and forward them to your Splunk index.
/D
It seems that is an EnVision question, not a Splunk question.
Yes, I'm in contact with Splunk Professional Services and they confirmed they can arrange to pull data from enVision.
Yahmza, did you manage to find an answer to your question elsewhere? I am considering the use of Splunk within my environment and integration with EnVision would be key.
No, and the question is not a Splunk question, therefore I'm just pointing out that you'd be better off asking the same question in en EnVision forum.
This is not an answer.