Expand my Community achievements bar.

Help shape the future of AI assistance by participating in this quick card sorting activity. Your input will help create a more effective system that better serves your needs and those of your colleagues.
SOLVED

AEP - Splunk Integration for Audit Logs

Avatar

Community Advisor

Hi 

We are trying to Automate AEP Audit Logging to Splunk. We are exploring this option now https://experienceleague.adobe.com/docs/experience-platform/tags/extensions/server/splunk/overview.h... . Looking for a best approach, if anyone have idea / experience on this please suggest.

1 Accepted Solution

Avatar

Correct answer by
Level 5

Hi Ganthimathi,

Need to think about the below for the automation with Splunk:

  • The frequency of the logs you want to send. Do you want to send them in real-time, or do you want to send them in batches?
  • The format of the logs you want to send. Do you want to send them in JSON, XML, or another format?
  • The Splunk server you want to send the logs to. Do you want to send them to a specific Splunk server, or do you want to send them to a load balancer that will distribute them to multiple Splunk servers?

Once you have considered these factors, you can choose the best approach for your needs. Here are some of the options available to you:

  • You can use the AEP Audit Logging API to send the logs directly to Splunk.
  • You can use a third-party tool like Logmatic or Splunk Enterprise Manager to send the logs to Splunk.
  • You can use a cloud-based service like Splunk Cloud to send the logs to Splunk.

The best approach for you will depend on your specific needs and requirements. So, not able to give a straightforward answer as it all depends :).
Hope it helps.

Thanks

Madhan

View solution in original post

1 Reply

Avatar

Correct answer by
Level 5

Hi Ganthimathi,

Need to think about the below for the automation with Splunk:

  • The frequency of the logs you want to send. Do you want to send them in real-time, or do you want to send them in batches?
  • The format of the logs you want to send. Do you want to send them in JSON, XML, or another format?
  • The Splunk server you want to send the logs to. Do you want to send them to a specific Splunk server, or do you want to send them to a load balancer that will distribute them to multiple Splunk servers?

Once you have considered these factors, you can choose the best approach for your needs. Here are some of the options available to you:

  • You can use the AEP Audit Logging API to send the logs directly to Splunk.
  • You can use a third-party tool like Logmatic or Splunk Enterprise Manager to send the logs to Splunk.
  • You can use a cloud-based service like Splunk Cloud to send the logs to Splunk.

The best approach for you will depend on your specific needs and requirements. So, not able to give a straightforward answer as it all depends :).
Hope it helps.

Thanks

Madhan