Hi @yigaloz, What helped me identify errors in the configuration of this addon was enabling debug logging by editing the file $SPLUNK_HOME/etc/apps/TA-oci-logging-addon/bin/oci_logging.py, changing the string ERROR to DEBUG on line 42. Then restart Splunk. You can check the logs using the query: index=_internal source=*oci_logging.log Another possibility would be to install a previous version of the addon, which might work. ... View more

This looks more like a permissions issue, probably for authorizing instance principal authentification in your OCI deployment. ... View more

Moh, Please email the POC provided in the "Contact" tab of the splunkbase listing: https://splunkbase.splunk.com/app/5222 ... View more

Yes, the Addon brings in any logs added to the streaming resource in Oracle Cloud Infrastructure. This includes the audit logs and VCN flow logs. Included in these log sources can be logs related to load balancers, cloud guard detections, object storage access and usage, and other insights into the infrastructure and its resources. ... View more

While not the splunk solution, check out here for an example deployment of Splunk BYOL in Oracle Cloud: https://github.com/vrich-100/Splunk_Oracle_Cloud_Deploy ... View more