Learn how to forward logs and data from Cortex Cloud to external third-party services such as email, Slack, syslog, and Splunk.
You can forward logs, cases, and issues from Cortex Cloud to an external service. By forwarding logs and data, you can manage alerts and investigations in external systems and meet data retention requirements. Available services include the following:
Slack channel and/or syslog receiver: Configure the external application with Cortex Cloud. After the application is configured, configure notification forwarding, specifying the data/log type you want to forward.
Email distribution list: Configure notification forwarding, specifying the data/log type you want to forward.
Splunk, Amazon SQS, Amazon S3, and Webhook: Only cases and issues can be forwarded to these services. Before forwarding to these services, the external application must be configured in Cortex Cloud and egress must be configured in the Cortex Gateway.
The following table shows the log types supported for each notification type: