Enterprise Security LEEF

The LEEF format has not been tested; samples are needed.

Key facts

  • MSG Format based filter
  • Ref Link
  • Splunk Add-on https://splunkbase.splunk.com/app/4656/

Sourcetypes

sourcetype         notes
kaspersky:cef
kaspersky:klaud
kaspersky:klsrv
kaspersky:gnrl
kaspersky:klnag
kaspersky:klprci
kaspersky:klbl

Sourcetype and Index Configuration

key                           sourcetype   index   notes
KasperskyLab_SecurityCenter   all          epav    none