What is the best way to get Common Information Model (CIM) field extractions for Auditd Logs?
Hello,
This App will help you since it is marked as working with CIM : https://splunkbase.splunk.com/app/2642/