
What is the best approach to push OCI logs to Splunk these days?

edited Jan 16, 2026 2:15PM in Observability & Management 1 comment

Summary: Our SIEM is re-architecting our Cribl/Splunk solution, and they have provided us with a Splunk HEC endpoint. We need to devise a way to PUSH our OCI logs to them vs. the PULL method we used previously.

From what I understand, the most effective way to accomplish this would be to set up a connector hub with an OCI serverless function as the target. The function (Python script) would then push the OCI events/logs to the SIEM endpoint. I want to make sure a better approach hasn't escaped my attention, so I'm asking the community if anyone has found a better alternative which doesn't include the OCI function to PUSH logs out of OCI?
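
An added sketch of the function-based push described in the question; it is not part of the original post and is not Oracle or Splunk sample code. It assumes the connector delivers each batch as a JSON array of log entries and that the handler follows the Fn Python FDK shape; `HEC_URL`, `HEC_TOKEN`, the `oci:logging` sourcetype and the `MAX_BODY` cap are hypothetical names and values.

```python
import json
import urllib.request
from datetime import datetime

MAX_BODY = 512 * 1024  # assumed per-request cap; align with the HEC side's limit

def to_hec_events(entries, sourcetype="oci:logging"):
    """Wrap each OCI log entry in a HEC event envelope."""
    out = []
    for e in entries:
        ev = {"event": e, "sourcetype": sourcetype, "source": e.get("source", "oci")}
        ts = e.get("time")
        if ts:  # HEC expects epoch seconds; the entry carries an RFC 3339 string
            ev["time"] = datetime.fromisoformat(ts.replace("Z", "+00:00")).timestamp()
        out.append(ev)
    return out

def batch_bodies(events, max_body=MAX_BODY):
    """Pack events into newline-delimited request bodies under max_body bytes."""
    bodies, cur, size = [], [], 0
    for ev in events:
        line = json.dumps(ev, separators=(",", ":")).encode()
        if cur and size + len(line) + 1 > max_body:
            bodies.append(b"\n".join(cur))
            cur, size = [], 0
        cur.append(line)
        size += len(line) + 1
    if cur:
        bodies.append(b"\n".join(cur))
    return bodies

def send(url, token, body, timeout=10):
    """POST one batch; urlopen verifies TLS by default and raises on HTTP errors."""
    if not url.startswith("https://"):
        raise ValueError("HEC URL must be https so the token is not sent in clear text")
    req = urllib.request.Request(url, data=body, method="POST",
                                 headers={"Authorization": f"Splunk {token}"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.status

def handler(ctx, data=None):
    """Entry point in the Fn Python FDK shape; the batch arrives as a JSON array."""
    cfg = ctx.Config()  # HEC_URL / HEC_TOKEN are hypothetical config keys
    entries = json.loads(data.getvalue())
    for body in batch_bodies(to_hec_events(entries)):
        send(cfg["HEC_URL"], cfg["HEC_TOKEN"], body)  # an exception fails the invocation
    return json.dumps({"forwarded": len(entries)})

# Constructed sample entry, not taken from a real tenancy
SAMPLE = [{"time": "2026-01-16T14:15:00.000Z", "source": "example-source",
           "type": "com.example.constructed", "data": {"message": "constructed"}}]
```

Letting a failed POST raise, rather than swallowing it, means the invocation is reported as failed instead of silently dropping the batch. The token is read from function configuration here only to keep the sketch short.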
