one of our end-user clients have massive information stored in ELK stack. Our company needs to collect those data into Splunk using Splunk Universal forwarder . They can't send us fluentd due to firewall restrictions.
- How can Splunk UF read from logstash? Does it have to query ELK api to do this?
- Can Splunk UF do polling to get data on a regular basis?
Worse case I'm asking them to write the data into a file , but wanted to see Splunk UF native intergration to ELK if its present
↧