Splunk Enterprise Security

Logs are coming in Hex

xian
New Member

We are testing a study on routing logs from an e-mail security product we have used to the SIEM environment. In this context, we carried out studies using free or community versions of different SIEM products.

The logs transmitted to Splunk were sent encrypted with TLS as they were transmitted to other products. However, the logs we see on Splunk cannot be decrypted and come in the below.

Example output: \x00 \x00 \xFC m\xDF qs\x81\xF2^8g&&\xB3B\xDF\xF9\xD5

I checked the config files in Splunk and it already supported TLS. 

How can I fix that issue? 

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Registration for Splunk University is Now Open!

Are you ready for an adventure in learning?   Brace yourselves because Splunk University is back, and it's ...

Splunkbase | Splunk Dashboard Examples App for SimpleXML End of Life

The Splunk Dashboard Examples App for SimpleXML will reach end of support on Dec 19, 2024, after which no new ...

Understanding Generative AI Techniques and Their Application in Cybersecurity

Watch On-Demand Artificial intelligence is the talk of the town nowadays, with industries of all kinds ...