Description | Config Example |
---|---|
Designated for Windows Event Logs. |
QRadar
The data flow should be defined with the ‘QRadar’ condition, inside the relevant forwarder:
Output: The target receives the Windows event logs in LEEF format (a customized event format for QRadar).
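
One way to confirm on the receiving side that forwarded lines are well-formed LEEF, as an added example that is not part of the original documentation or the product's own code. It follows the LEEF 1.0/2.0 header layout and assumes the 2.0 delimiter field is present; `parse_leef` is a hypothetical helper, and the vendor, product and attribute values in the sample lines are constructed.

```python
import re

# LEEF header starts "LEEF:<version>|"; a syslog header may precede it.
_START = re.compile(r"LEEF:(1\.0|2\.0)\|")
_HEX_DELIM = re.compile(r"(?:0x|x)([0-9A-Fa-f]{1,4})")


def parse_leef(line):
    """Parse one LEEF 1.0 or 2.0 event into a dict; raise ValueError if malformed."""
    m = _START.search(line)
    if m is None:
        raise ValueError("no LEEF header found")
    version = m.group(1)
    # 1.0: vendor|product|version|eventID|attrs
    # 2.0: vendor|product|version|eventID|delimiter|attrs (assumed present here)
    n_header = 4 if version == "1.0" else 5
    fields = line[m.end():].rstrip("\r\n").split("|", n_header)
    if len(fields) != n_header + 1:
        raise ValueError("truncated LEEF header")
    delim = "\t"  # tab is the default attribute delimiter
    if version == "2.0" and fields[4]:
        spec = fields[4]
        hx = _HEX_DELIM.fullmatch(spec)
        if hx:
            delim = chr(int(hx.group(1), 16))  # e.g. x5E -> "^"
        elif len(spec) == 1:
            delim = spec
        else:
            raise ValueError("bad delimiter field: %r" % spec)
    attrs = {}
    for pair in fields[-1].split(delim):
        if not pair:
            continue
        key, eq, value = pair.partition("=")
        if not eq or not key:
            raise ValueError("attribute not in key=value form: %r" % pair)
        attrs[key] = value
    return {"version": version, "vendor": fields[0], "product": fields[1],
            "product_version": fields[2], "event_id": fields[3], "attrs": attrs}


# Constructed sample lines (not captured from a real forwarder).
SAMPLE_V1 = ("<13>Jan 18 11:07:53 host01 LEEF:1.0|ExampleVendor|ExampleAgent|1.0|4624|"
             "devTime=2024-01-18T11:07:53Z\tusrName=alice\tsrc=10.0.0.5")
SAMPLE_V2 = "LEEF:2.0|ExampleVendor|ExampleAgent|1.0|4625|x5E|usrName=bob^src=10.0.0.9"

if __name__ == "__main__":
    for sample in (SAMPLE_V1, SAMPLE_V2):
        print(parse_leef(sample))
```

A line that raises `ValueError` here is worth inspecting before blaming the QRadar side, since a missing header field or a wrong attribute delimiter usually shows up as unparsed events.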