Splunk Enterprise

sourcetype=opsec:anti_malware

luis_silvac
Engager

Good morning

I have a problem: when normalizing information related to Check Point, I find that I have a sourcetype, opsec:anti_malware, but I manage to identify which ones are allowed / blocked / deferred. I installed the Splunk Add-on for Check Point OPSEC LEA. Has anyone had the same problem?
