All Apps and Add-ons

How to parse Deep Security Log Inspection Windows Events in Splunk??

Explorer

Hi Everyone so we are forwarding the Trend Micro Logs to a Splunk Agent that sends the logs to the Splunk server. The sourcetype is logged as Deep Security however i noticed the windows files are not being parsed properly and also i noticed i cannot view the Deep Security Agent versions ...

Any help would be great

Thank you,

Alex,

0 Karma

Motivator

Hello,

Can you provide more information about your configuration settings. For starters, inputs.conf and props.conf

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!