Currently we have getting the Sailpoint log data using universal forwarder from sailpoint box. We got an another requirement, where we need to get the sailpoint syslog and input that to splunk using udp or tcp port instead of using forwader.
Please help me with the below points
SailPoint side configurations
how to enable syslog at sailpoint side
how to input syslog to Splunk using udp or tcp ie without using forwarder.
Explored Splunk thycotic app as well, in thycotic server there is out of box configurations to input the thycotic server syslog to Splunk udp or tcp port.
Similary is there out of box configurations given from sailpoint side