We are just starting to implement CA Directory. With our legacy directory, our logs are consumed by Splunk and those files are able to be consumed using ootb sourcetypes of Splunk.
Wondering if anyone also uses Splunk with CA Directory and are you able to use a known sourcetype to consume them or did you have to create a custom sourcetype? I'm looking at consuming the summary, warn, stats and diag logs.
Thanks