For a SAS IRM/EG/Metadata and other Infrastructure servers (there are multiple servers) from your experience, is there a way to install Splunk Forwarder agents to collect the logs. The Information like certificate expiry, license expiry, user activity, disk usage and activity, startup/shutdown from services and authentification logs?
Or do you use some other tool. As I already have Splunk this would be interresant.
I don't know about Splunk, but I am aware it is a monitoring tool. In this sense, as with any monitoring tool, you will have some out-of-the-box functionality, and then you will need some manual actions, as providing the log locations, extending information of the logs, including patterns to read the logs, etc.
In general, you can use many of the monitoring tools out there, as long as you manage to provide this information to the tool.
SAS provides out of the box, starting with SAS 9.4, and SAS Viya, a monitoring tool, the SAS Environment Manager, and you can do basically the same, provide location of logs, include patterns to read logs, set alerts .... all the same.
Hence, the remaining question, is the additional information. You can do this on many ways. A very easy one is to enable the Extended Monitoring Interface (EMI) for SAS Environment Manager, on which you can enable the ACM, APM and Kits packages, which will provide not only the additional information, but also a bunch of useful reports you can generate through Stored Processes, created already by SAS. Check it out: