Has anyone used the webhook (or any other method) to integrate ODFE audit logging with Splunk?
I’m trying to figure out which approach is best. It seems like Splunk expects a different format than the default audit logs provided by ODFE.
The reason why I’m asking is that my organization keeps audit logs in Splunk Enterprise.