All Apps and Add-ons

splunk kaspersky integration

ahmedhassanean
Explorer

Dears,

i have configured Kaspersky to send CEF log to Splunk destination from Kaspersky console but when I have used CEF add on to parse this data into Splunk it's not parsed correctly , so may I know how to get his data parsed and CIM compatabile for Splunk ES

Tags (1)
0 Karma

micahkemp
Champion

Please reference a recent answers post that may provide what you need.

ikulcsar
Communicator

Hi,

What do you mean by "not parsed correctly"?
I am also trying to get events to CIM compliant. I'm looking for documentation about Kaspersky Security Center log types...

Regards,
Istvan

0 Karma

ahmedhassanean
Explorer

i mean data is parsed by no keys populated to this values , the values must be parsed with CIM compliant values

0 Karma
Get Updates on the Splunk Community!

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

For the past four years, Splunk has partnered with Enterprise Strategy Group to conduct a survey that gauges ...

Data-Driven Success: Splunk & Financial Services

Splunk streamlines the process of extracting insights from large volumes of data. In this fast-paced world, ...