我们有GitHub Enterprise设备,我们需要将GitHub日志转发到splunk可以监控的独立商店..我们如何实现这一点
您需要启用Log Forwarding,它通过syslog从GitHub设备导出审核日志
https://help.github.com/en/enterprise/2.16/admin/installation/log-forwarding
On the Management Console settings page, in the left sidebar, click Monitoring.
Select Enable log forwarding.
In the Server address field, type the address of the server to which you want to forward logs. You can specify multiple addresses in a comma-separated list.
In the Protocol drop-down menu, select the protocol to use to communicate with the log server. The protocol will apply to all specified log destinations.
您需要在Splunk端启用接收器以接收syslog,或者从syslog侦听器写入的文件中读取它