Hi there,
We have configured Elasticsearch integration into our Orchestrator. Is anyone aware of whether we are able to ship logs to a secondary source as well?
Our organisation uses Splunk/SIEM to monitor events, so I expect that logs need to be shipped to a local log file, where the Splunk/SIEM agent can ingest them.
Any comments or suggestions on how to achieve this would be appreciated.
Regards
Blayne