In our environment, we are about to have three different networks. For simplicity, I will call them A, B, and C.
The situation:
Network A can talk to Network B.
Network B can talk to Network C.
Network A may not, under any circumstances,talk to Network C.
Network C is our primary network, and is where our LEM resides. We need to collect logs from the devices in Network A. What is the best practice?
Some products, allow a "log forwarder" that you would set up in Network B to collect those Network A logs and pass them on to Network C. Doing some research (and speaking to support) it sounds like the LEM only supports SYSLOG forwarding, and does not have any options for Agent-Data Log Forwarding. Is this correct? Has anyone run into a similar issue, and if so, how did you overcome it? (Support's suggestion is a completely separate LEM that sits in Network B, and does not interact with the exist LEM).