Setting up Universal Forwarders on each node should work just fine. However, since Azure diagnostics logs might always have more information, I want to have this data indexed. Did you figure out the best way to forward Azure diagnostics logs to a Splunk indexer (on-prem or on Azure)?