these queries do not. you can add them by editing the 'conf' file but they cannot be validated through the interface so they do not work.
... View more
not only what driver . there are db inputs that need to be updated and it would be nice to know how the queries have been update to make it work.
... View more
got it so you are basically dumping every single log on that directory. another question. any special rules on that sourcetype?
We are currently analyzing the boarding but we are hitting the same issues that you have. the connector to sccm does not work so the next step is working with the logs themselves
thanks in advance nick
Alvaro
... View more