Hey there, I am currently trying to ingest into Splunk Cloud log files that, after some processing, are stored on S3.
I can basically identify 2 strategies here:
1. Each time a file comes in, a Lambda is triggered that parses it line by line and forwards each of those lines to the HEC. I could loosely follow this guide for that: https://www.splunk.com/blog/2017/02/03/how-to-easily-stream-aws-cloudwatch-logs-to-splunk.html (the Lambda blueprint part).
2. Forward entire files to Splunk Cloud, but I have no idea how to achieve that without setting up an EC2 instance.
How can I achieve number 2? To my understanding, it would be the best course of action.
Best Regards,