Does anyone know what is best method to forward the logs from Splunk to Mcafee ESM.
Requirement is McAfee ESM should understand each log sourcetype for example cisco asa , qualys VM etc,
Thanks in advanced 🙂
always a good place to start is this documentation :
here is an example for macaffee itself: