All Apps and Add-ons

How to parse Deep Security Log Inspection Windows Events in Splunk??

Explorer

Hi Everyone so we are forwarding the Trend Micro Logs to a Splunk Agent that sends the logs to the Splunk server. The sourcetype is logged as Deep Security however i noticed the windows files are not being parsed properly and also i noticed i cannot view the Deep Security Agent versions ...

Any help would be great

Thank you,

Alex,

0 Karma

Motivator

Hello,

Can you provide more information about your configuration settings. For starters, inputs.conf and props.conf

0 Karma