Has anybody managed to get the logs from WGCS to on-prem Splunk?
I'm keen to see how you have achieved this as the only add-on I can find is for an on-prem MWGS.
Hope you are doing well.
You can script a periodic pull and put the retrieved files in a directory accessible by Splunk.
You can use script mentioned in below link to pull logs from cloud:-
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center
2821 Mission College Blvd.
Santa Clara, CA 95054 USA
Consumer Support | Enterprise Support | McAfee.com
Legal | Privacy | Copyright © 2019 McAfee, LLC