Hello Splunkers,
I have a requirement wherein I need to forward the data to the third-party system apart from sending logs to Splunk.
What is the impact of having syslog-ng along with universal forwarder that sends almost the same amount (mostly 75% same data) to a third party system?
Will this have a performance issue like "parsing queue getting filled" / network bandwidth consumption.
Which is the best way to integrate splunk to third party system.?
↧