Hi ALL,
I can not see sourcetype snare:application or snare:security while go installed app splunk-ta-windows.
this case i go monitoring log file from rsyslog server.
this here use snare agent send syslog to rsyslog server.
please clear help me how to parsing this log file windows use format snare agent.
many thanks your suppott
... View more