We have an SFTP server with logs saved. We want to integrate those logs with Splunk, but we can't install an universal forwarder in that server. What options do we have? Push data from the server? Pull that logs from the HF?
We can't use UF
is it possible that someone configure syslog to send those logs to your UF/HF/Indexers?
I dont think so,
It is better to do a pull from our HF I think