Good day everyone. I am new to the McAfee SIEM world and just learning the ins and outs. I went ahead and imported several linux servers into the configuration. The Linux team also did their part and already are forwarding the logs into the SIEM. If I go to each data source where they made such changes I see the logs being received. The issue is that I imported over 600 servers and they are making such changes by grouping the servers and forwarding logs per week.
Is there a way from the dashboard to search for all linux operating system forwarding logs? I did an operating system = Linux search and it only comes back with 9, and I know much more are beingreceived. Any guidance appreciated. Thanks
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.