1. Proposed title of this feature request: RHACS authentication audit log forwarding to Splunk

2. What is the nature and description of the request?: The Customer would like to forward authentication logs (such as ACS logins, failed login attempts, or similar authentication events) to Splunk.

A RHACS engineer mentioned that: Audit log captures modifying requests. Login attempts don't modify stored data so we won't produce a record in the ACS audit log

3. Why does the customer need this? (List the business requirements here): Customer would like to enforce security regarding authentication attempts, but since these logs are not forwarded to Splunk, there is no way of knowing who is attempting to access RHACS

4. List any affected packages or components. Red Hat Advanced Cluster Security for Kubernetes - Splunk