Hello,
I am looking to integrate Splunk with IBM Security Access Manager (ISAM) 8.x virtual appliance to read the user login logs. ISAM .iso image is provided by IBM and hence I cannot install anything on the ISAM server including Splunk Forwader. Can anyone suggest the workarounds to get the log files from ISAM 8.x in Splunk?
IBM ISAM can output syslog.
Hello,
I think you can copy logs from Access manager by scp or rsync to a shared storage then Splunk can read logs from that location.
Regards,