10-14-2021 06:53 AM
Hi,
I have a few questions regarding eStreamer. I have a setup where FMC virtual is on-prem and FTDs are in Azure. Connection is via ExpressRoute.
1- FTD will send all the logs to FMC on-prem over ExpressRoute and FMC will stream it externally, correct?
2- Is it better to use eStreamer instead of syslogs from FTDs, or should both be used?
3- Any documentation for implementing eStreamer for Splunk?