Hello Splunk members,
We would like to set up a SIEM for our clients. The architecture is :
A SIEM Server hosted in our Datacenter
SIEM Clients or SIEM child servers hosted in client's datacenter.
Data coming from each client are independants
Administration of SIEM clients is done from SIEM Server
We could specify user per client ( so that this user can't see logs coming from other clients).
I am newbie in SPLUNK and i would know if it's possible to set up these functionnalities and how.
Thanks in advance.
... View more