duosecurity / duo_log_sync

MIT License
37 stars 28 forks source link

Sending to Splunk SIEM #25

Open mike1li opened 2 years ago

mike1li commented 2 years ago

We noticed that in DLS's config.yml there is no option for sslPassword which is needed to send the logs to Splunk SIEM.. Does this mean we should be using https://duo.com/docs/splunkapp (https://splunkbase.splunk.com/app/3504/#/details) instead of DLS? Please advise. Thanks.