Splunk Enterprise Security

TrendMicro AV logs and Malware report: Can anyone help me with my search query?

SunilMaharishi
Path Finder

Hello Team,

I have to create a report using [trendmicro AV logs] which should include the below details:

- Monthly malware report (with location, total # of computers, count of malware, % of infection)

Can anyone help create an efficient search query that would return the information above if using this product?

I have created a report that contains hosts which were infected, but I need the count of total number of hosts in the environment.

Currently, in the logs, I cannot have the total number of hosts, so I have got a CSV file which contains all the assets where the TrendMicro OfficeScan agent is installed. But I am unable to write a lookup to get assets, map location, and other relevant fields.

0 Karma
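
One way to build the report described in the post, as an added example that is not part of the original thread: count detections per host for the previous calendar month, append the asset CSV so hosts with no detections are still counted, then roll up by location. The index and sourcetype placeholders, the lookup file name `trendmicro_assets.csv`, and the field names `hostname` and `location` are all assumptions; substitute the names used in your own data and CSV.

```spl
index=YOUR_AV_INDEX sourcetype=YOUR_AV_SOURCETYPE earliest=-1mon@mon latest=@mon
| eval hostname=lower(hostname)
| stats count AS detections BY hostname
| append
    [| inputlookup trendmicro_assets.csv
     | eval hostname=lower(hostname)
     | fields hostname location]
| stats sum(detections) AS detections, values(location) AS location BY hostname
| fillnull value=0 detections
| fillnull value="Not in asset list" location
| stats dc(hostname) AS total_computers,
        sum(eval(if(detections>0, 1, 0))) AS infected_computers,
        sum(detections) AS malware_count
        BY location
| eval pct_infected=round(100 * infected_computers / total_computers, 2)
| sort - pct_infected
```

Hosts that report detections but are missing from the CSV land in the "Not in asset list" row, which is worth reviewing as an inventory gap because its percentage is always 100.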