Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

TrendMicro deepdicovery app settings

bbiswabhusan
Explorer
‎11-29-2021 10:04 PM

Hello Team,

I am trying to setup the TrendMicro DeepDiscovery app to process the DDA/DDI events. I also have TrendMicro IWSVA hosts. After the app is installed in SH, I am redirected to the app setup page. Ihave replaced the default index in Deep Discovery Event Type i.e. ddi_index with the index that I had created with custom inputs. Similarly i have replaced the index name for Web Access Log Event Type as well with new index name. But the logs with sourcetype"squid"are still going to the default index log_index. Can someone suggest how we can troubleshoot it. Also, can someone suggest what should be the sourcetype for the DDA/DDI and IWSVA logs.

 

Any help/suggestion is helpful.

Thanks

Labels (3)
0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...