Hello,
I am attempting to ingest audit logs (logins to RunDeck platform, changes to platform, etc.) into our Splunk instance (Splunk Cloud). Is there any RunDeck documentation that can assist with this? I see there used to be a RunDeck Splunk app, but it appears to have been archived and hasn’t been updated since 2018.
Solved
Splunk/RunDeck integration
Best answer by MegaDrive68k
Hello,
There´s no official information about Splunk and Rundeck integration in the documentation. I guess that you´re referring to this app.
Currently, a good approach could be using the Splunk Universal Forwarder agent to send all Rundeck logs to the Splunk instance. This is a good starting point. Additionally, this video appears to be really useful.
Regards!
Hello,
There´s no official information about Splunk and Rundeck integration in the documentation. I guess that you´re referring to this app.
Currently, a good approach could be using the Splunk Universal Forwarder agent to send all Rundeck logs to the Splunk instance. This is a good starting point. Additionally, this video appears to be really useful.
Regards!
Thank you. Do you have any documentation about how to configure RunDeck to output those logs so that the forwarder can monitor them? I am familiar with the Splunk side, but I have no knowledge of RunDeck, so I will need to know what files to monitor and if there is any configuration that needs to be done in order to generate those logs for monitoring.
Reply
Login to PagerDuty Commons
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.