Hi,

I am quite new to Splunk, so sorry in advance if I ask silly questions. I have the below task to do:

"The logs show that Windows Defender has detected a Trojan on one of the machines on the ComTech network. Find the relevant alerts and investigate the logs."

I keep searching but don't get the right logs. I searched with the below filters:

source="XmlWinEventLog:Microsoft-Windows-Sysmon/Operational"
source="XmlWinEventLog:Microsoft-Windows-Windows Defender/Operational"

I would really appreciate it if you could help.

Thanks,
Pere