All Apps and Add-ons

Forwarding logs(all sourcetypes) from Splunk to Mcafee ESM

sumitkathpal
Explorer

Hi All,

Does anyone know what is best method to forward the logs from Splunk to Mcafee ESM.

Requirement is McAfee ESM should understand each log sourcetype for example cisco asa , qualys VM etc,

Thanks in advanced 🙂

Tags (1)
0 Karma

dkeck
Influencer
0 Karma

dkeck
Influencer

Any luck with that? If it was helpfull please accept the answer, thank you 🙂

0 Karma

sumitkathpal
Explorer

Thanks for the reply but Mcafee ESM parser is not working.

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...