As part of its continued partnership with Splunk through their Technology Alliance Partner (TAP), Oracle is excited to announce the latest Splunk Technical Add-on integration: the Oracle Cloud Infrastructure (OCI) logging plugin for Splunk. This plugin lets you ingest logs and other data directly from an OCI stream. You can install the plugin directly from Splunk Enterprise 8.0 or later, or download it from Splunkbase.
Admins can centrally enable and collect logs from OCI resources in existing or new Splunk environments. They can also integrate with other Splunk plugins and data sources, such as threat intel feeds, to augment and enhance alerting from log data.
Compared with the push or pull mechanisms described in previous blogs, we have added streaming support with the following capabilities and features:
Maintain a constant flow of log data
Closer to real-time ingestion
Resilient to short-term outages
Optimized for efficient data usage
In concert with OCI Logging and Streaming services, this plugin enables you to stream logs for the following OCI services:
IAM audit logs
Virtual cloud network (VCN) flow logs
Load balancer access and error logs
Functions invocation logs
API gateway access and execution logs
Events service logs
Object Storage logs
From the Apps menu at the top of the page, select Manage Apps.
Click Browse more apps.
Search for OCI Logging.
To download the latest version directly, and for further configuration steps, see the add-on instructions on Splunkbase.
For future integration scenarios and new plugins, check back in the Oracle Cloud Infrastructure Architecture Center. For assistance with the configuration and installation of Splunk add-ons and apps, see the Splunk documentation or contact Splunk Support.