It totally depends on the log source you are dealing with.

Windows/Linux: Install UF, add Splunk Cloud Credential File. Edit input.conf file if you want to change the Index.

Firewall Logs: If you have a Syslog server in place, install a UF on it and redirect the logs from the Syslog folder to it. If you do not have a Syslog server, you can use a Heavy Forwarder configured as a Syslog Receiver.

Cloud-Based: Check for supported apps. Most of them support API based integration, which is easy to do. Each app includes the steps to follow.

Let me know if you have any specific devices in question. I am no expert, but will definitely try to help you out.
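For the firewall case described in the post above, a monitor stanza in the Universal Forwarder's inputs.conf on the syslog server could look like the following. This is an added example, not part of the original post; the directory layout, index name and sourcetype are assumed placeholders.

```ini
# inputs.conf on the Universal Forwarder installed on the syslog server.
# Assumed layout (not from the post): the syslog daemon writes one
# directory per sending device, for example
#   /var/log/remote/<device-hostname>/firewall.log

[monitor:///var/log/remote/*/firewall.log]
disabled = false

# Placeholder index name; the index must already exist in Splunk Cloud
# before the forwarder starts sending to it.
index = network_firewall

# Placeholder sourcetype; use the one the vendor's add-on expects so its
# field extractions apply.
sourcetype = example:firewall

# Set the host field from the 4th path segment
# (/var/log/remote/<device-hostname>/...), so events carry the firewall's
# name rather than the syslog server's.
host_segment = 4
```

Without `host_segment` (or an equivalent host override), every event would be attributed to the syslog server itself, which makes per-device searches and alerting harder.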