We have a relatively small Splunk implementation - just 1 standalone server. We're downloading Cisco Umbrella logs from the Cisco-managed S3 Bucket for reporting purposes.
We now have the need to also forward those umbrella logs to a syslog server in addition to leaving them on the standalone for reporting. Is there a way to configure a standalone to forward to a syslog server?
↧