Does Symantec DCS 6.5 logs(syslogs) feed into Splunk. Does anyone have any experience with this or know if this would be possible? Is it realtime or not - and what format is used ?
Your response will be greatly appreciated.
The management server doesn't actually push data. But you'll probably be able to pull data from the database using connector provided by Splunk.
See Chuck Edsons post on this subject here.
Hope that helps.