Enterprise Security Leef¶
Leef format has not been tested samples needed
Key facts¶
- MSG Format based filter
Links¶
| Ref | Link |
|---|---|
| Splunk Add-on | https://splunkbase.splunk.com/app/4656/ |
Sourcetypes¶
| sourcetype | notes |
|---|---|
| kaspersky:cef | |
| kaspersky:klaud | |
| kaspersky:klsrv | |
| kaspersky:gnrl | |
| kaspersky:klnag | |
| kaspersky:klprci | |
| kaspersky:klbl |
Sourcetype and Index Configuration¶
| key | sourcetype | index | notes |
|---|---|---|---|
| KasperskyLab_SecurityCenter | all | epav | none |