All Apps and Add-ons

How to parse Deep Security Log Inspection Windows Events in Splunk??

alaquerre
Explorer

Hi Everyone so we are forwarding the Trend Micro Logs to a Splunk Agent that sends the logs to the Splunk server. The sourcetype is logged as Deep Security however i noticed the windows files are not being parsed properly and also i noticed i cannot view the Deep Security Agent versions ...

Any help would be great

Thank you,

Alex,

0 Karma

sudosplunk
Motivator

Hello,

Can you provide more information about your configuration settings. For starters, inputs.conf and props.conf

0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!