So my predicament is,
I have a FireEye CMS outputting HTTPS POST JSON data to a Spunk instance on one network (NW1).
I have our main Splunk environment on another network (NW2).
I have a requirement to use the indexed DATA from NW1 on NW2 for correlation purposes.
DATA can only be passed OneWay from NW1 to NW2, so no splunk TCP available.
Is the a way of Copying the Indexed DATA from NW1 and adding the indexed data to NW2 environment and be searchable.
Any advise will be well received
Cheers
... View more