Hi,
We were told to send a security Logs from MobileIron to Splunk log collector.
But we are unsure what to fill in the the severity type field.
We tried *.info but it didn't send security related information such as admin log on attempt.
Appreciate if you can advise the severity type. Thank you.
Hi myazid,
according to this shiny PDF https://marketplace.mobileiron.com/servlet/servlet.FileDownload?file=00P3400000hElSdEAK there is a universal forwarder on the appliance and according to this post https://answers.splunk.com/answers/607031/is-there-any-mobile-iron-devicemdm-integration-doc.html you can use the Administration Console to configure everything.
Just the messenger here, never used MobileIron ¯\_(ツ)_/¯
Hope this helps ...
cheers, MuS