Traps 4.1.1 support
Closed this issue · 2 comments
JoshSchwarz commented
The current version of the TA supports Traps 3.3 CEF logs; I would like to ingest the new CEF log format from 4+.
btorresgil commented
Hello, Traps 4+ CEF format is already supported. See compatibility information:
https://splunk.paloaltonetworks.com/compatibility.html#traps-advanced-endpoint-security-support
Is there a specific problem you’re running into with these Traps logs? If so, what version of the TA are you using?
JoshSchwarz commented
PEBKAC. :P
Misread the documentation.