Provide an interface that can stream logs directly to Splunk.
I'm trying to get logs from MongoDB Atlas to Splunk, and there's currently no native interface to do it, so instead of streaming to Splunk directly, I'm having to execute https calls in intervals, unzip them and then ship them to Splunk. Many products have interfaces to stream to Splunk directly, and it would certainly be handy in this situation.
Dan
shared this idea
4 comments
-
Geoffrey
commented
Hello,
I'm interresting to have the functionnality to push automatically the logs (organisations events, projetcs events, clusters events, clusters logs, cluster audits logs) automaticaly to a cloud storage with the possibility to set the frequency.
It's can usefull to tranfert these events to our SIEM.
-
Rohan
commented
I would like to have this feature along with capability of sending the logs to on-prem Splunk system.
-
Bjoern
commented
Would appreciate a streaming solution for the audit logs to Splunk as well. The solution mentioned by Andrew (push-based integration for logs to S3) would work for us as well. So where can I upvote for this solution ;-)
-
Hi Dan,
Out of curiosity, what is your preferred cloud provider? We plan to introduce push-based integrations for logs to cloud object storage in the future, targeting S3 first: we believe it should be easy to go to any SIEM or log solution like Splunk from there. I'm sorry we don't have something to serve your needs yet.
Note that we have pull-based integrations with jSonar (they can push to Splunk I believe) and Sumo Logic today.
-Andrew
