Hi @yigaloz, What helped me identify errors in the configuration of this addon was enabling debug logging by editing the file $SPLUNK_HOME/etc/apps/TA-oci-logging-addon/bin/oci_logging.py, changing the string ERROR to DEBUG on line 42. Then restart Splunk. You can check the logs using the query: index=_internal source=*oci_logging.log Another possibility would be to install a previous version of the addon, which might work.
... View more
Yes, the Addon brings in any logs added to the streaming resource in Oracle Cloud Infrastructure. This includes the audit logs and VCN flow logs. Included in these log sources can be logs related to load balancers, cloud guard detections, object storage access and usage, and other insights into the infrastructure and its resources.
... View more
While not the splunk solution, check out here for an example deployment of Splunk BYOL in Oracle Cloud: https://github.com/vrich-100/Splunk_Oracle_Cloud_Deploy
... View more