About hemantwcp7

hemantwcp7 · ‎11-16-2021

Only Windows:Security logs not receiving but other Windows:System and Windows: Application logs are receiving.

hemantwcp7 · ‎11-12-2021

Few DC servers not showing source=wineventlog:security. Can someone provide the troubleshooting steps to find the what change happened in configuration file or is any additional change required.

hemantwcp7 · ‎10-22-2021

@richgalloway, On syslog server we have custom .conf file in syslog-ng directory where all palo alto logs coming on udp_port(10527) , tcp_port(10527) . In this file only i added the new pan source. Rest all pan sources from this conf are correctly landing to proper index on Splunk cloud except one new pan source.

hemantwcp7 · ‎10-21-2021

Is splunk ITSI and IT Essentials work require a paid subscription ? Is this available for Splunk cloud instance ? Splunk Cloud Version: 8.2.2107.2 Enterprise Security Version: 6.6.0

hemantwcp7 · ‎10-20-2021

@richgalloway , I checked the available indexes.conf but i did not found monitor stanza section. Can you please specify the file location on linux OS ?

hemantwcp7 · ‎10-20-2021

We have configured the panorama management logs on syslog server correctly. While checking the pan logs on core search head logs are going to catch all index. Please suggest here for correct configuration to fix the issue.

Posts	6
Solutions	0
Karma Given	0
Karma Received	0
Member Since	‎10-20-2021

Online Status	Offline
Date Last Visited	‎03-02-2022 07:40 AM

wineventlog:security logs not receiving

ITSI and IT Essentials work

logs are going to catch all index

Re: wineventlog:security logs not receiving

wineventlog:security logs not receiving

Re: logs are going to catch all index

ITSI and IT Essentials work

Re: logs are going to catch all index

logs are going to catch all index