I have installed the Symantec Data Loss Prevention (DLP) and I configured input. We are receiving logs but unfortunately the fields are not being extracted. We are using the sourcetype of symantec:dlp:syslog.
Before I extract the fields manually, I wanted to check if anyone else experienced this and found a solution.
Hi
I am experiencing the same thing. I have all the logs but unfortunately none of the fields are extracted. Did you find a answer to this or just extract manually?
Thanks