How to monitor a GitHub Appliance instance using Splunk?

Time: 2019-04-03 09:36:12

Tags: github splunk splunk-query

We have a GitHub Enterprise appliance, and we need to forward the GitHub logs to a separate store that Splunk can monitor. How can we achieve this?

1 answer:

Answer 0: (score: 1)

You will need to enable log forwarding, which exports audit logs from the GitHub appliance via syslog.

https://help.github.com/en/enterprise/2.16/admin/installation/log-forwarding

On the Management Console settings page, in the left sidebar, click Monitoring.
Select Enable log forwarding.
In the Server address field, type the address of the server to which you want to forward logs. You can specify multiple addresses in a comma-separated list.
In the Protocol drop-down menu, select the protocol to use to communicate with the log server. The protocol will apply to all specified log destinations.

You need to enable a receiver on the Splunk side to receive syslog, or read it from a file written by a syslog listener.
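
The two Splunk-side options mentioned in the answer, sketched as an `inputs.conf` (an added example, not part of the original answer; port 514, the index name `github` and the monitored file path are assumptions to adapt to your environment):

```ini
# inputs.conf on the Splunk instance or forwarder that receives the logs.
# Constructed example: the port, index name and file path are assumptions.

# Option 1: Splunk listens for syslog directly.
# Keep only the stanza that matches the Protocol selected in the
# GitHub Enterprise Management Console.
[udp://514]
sourcetype = syslog
index = github
# Record the sender's IP address as the event host
connection_host = ip
# Do not prepend a Splunk-generated timestamp and host to each event
no_appending_timestamp = true

[tcp://514]
sourcetype = syslog
index = github
connection_host = ip

# Option 2: a syslog listener (rsyslog, syslog-ng) writes the forwarded
# logs to disk and Splunk monitors the files it produces.
[monitor:///var/log/github-enterprise/*.log]
sourcetype = syslog
index = github
disabled = false
```

The `github` index must exist before events arrive, and on Linux binding to a port below 1024 requires elevated privileges, so either run the listener on a higher port or use the file-based option.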