We offer a third-party solution (Alliance LogAgent) that sends IBM i security events in syslog format to Splunk in real time. It works great for in-house deployments, but we have prospective customers who would like to use Splunk in the AWS cloud. I checked and I don't see a Universal Forwarder for the IBM i server platform. So a couple of questions come to mind:
1) Is it possible to send data to a Splunk AWS instance using standard syslog communications?
2) If we deployed a Windows or Linux instance of the Universal Forwarder, could we send security events from the IBM i server to the in-house instance of the Universal Forwarder, and then have it go to Splunk in AWS?
3) Is there an open source version of the Universal Forwarder?
Thanks,
Patrick