I am interested in indexing all users' OS search history, web search history, and web browsing history from any browser using a universal forwarder on a given host. I also want to collect these logs when connected to any internet connection and not just when on the network with the Splunk indexers.
What is the best approach for that? What considerations should be made?