06-16-2024 10:48 PM
Hi Everyone,
I have encountered two Broker VM log collection and dumping problems want to ask, and then please help you help, the problem is as follows:
1. Can Broker VM tandem dump logs?
Description: As shown in the figure below, a customer wants to collect external syslogs through the syslog collector function of Broker VM A, but instead of uploading the collected logs to Cortex Data Lake directly, the customer will dump them to another Broker VM B, which will upload the logs to the Data Lake, Is this part supported and is it possible? How to configure it?
2. Can you dump to more than 2 external storage systems at the same time (3rd party SIEM...)
In addition to collecting external syslog information through the syslog collector function, can Broker VM dump these logs? For example, in the figure below, after collecting syslog information through Broker VM syslog collector => When uploading the data to Data Lake, is it possible to export the data to other storage systems (e.g. third-party SIEM system, Syslog Receiver, Database) for saving?
Thank you in advance for your help.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
