Getting Data In

Oracle Cloud (OCI) WAF Logs Ingestion

adnankhan5133
Communicator

Hi,

Does anyone know how to ingest the WAF logs generated by the Oracle Cloud Web Application Firewall service? The logs are generated in the format indicated here (https://docs.cloud.oracle.com/en-us/iaas/Content/WAF/Tasks/logs.htm) and I can not seem to find any TA or App that can facilitate the log ingestion from the OCI WAF.

Any assistance is certainly appreciated!

Thanks!

 

0 Karma

Akkirotti
New Member

You can try storing the logs to oracle object storage and from there you can try downloading to your HF via scripts and then ingest. 

The current TA which oracle recommends is out of support and archived in splunk base.

0 Karma

adnankhan5133
Communicator

The logs are configured in JSON format, if that helps.

0 Karma
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Think Like an Architect: Introducing the Splunk Certified Cybersecurity Defense ...

In cybersecurity, defenders respond to threats. Architects design the systems that stop them.    As ...

Best Practices: Splunk auto adjust pipeline queue

When you enable autoAdjustQueue in Splunk, maxSize should be understood as the queue size Splunk starts with ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...