Does anyone know what is the best method to forward the logs from Splunk to McAfee ESM?
The requirement is that McAfee ESM should understand each log sourcetype, for example Cisco ASA, Qualys VM, etc.
Thanks in advance 🙂
Always a good place to start is this documentation:
Here is an example for McAfee itself:
Any luck with that? If it was helpful, please accept the answer, thank you 🙂
Thanks for the reply, but the McAfee ESM parser is not working.