I havent worked with splunk much, but I am pretty sure that you can tell
Splunk to capture just about any file you want. What would you want to do
rather than send it to syslog?
On Mon, Sep 14, 2020 at 3:49 PM MacGregor, Ian A. <
Otr security team wants Oreacle audit information for some databases to
be in Splunk. I have fulfilled this request by writing the audit
information to the server's"syslog" which is captured by or provided to
Splunk. This is less than ideal. I am curious if others have this
requirement, and what they are doing about it?
Ian A. MacGregor
SLAC National Accelerator Laboratory
To offer the best IT service at the lab and be the IT provider of choice.