Kaspersky Data

Use the following add-on to collect data from Kaspersky.

Splunkbase Download: https://splunkbase.splunk.com/app/4656/

Installation Guide: https://splunkbase.splunk.com/app/4656/#/details

NOTE

  • Use QRadar (LEEF format), not Splunk (CEF format), when forwarding data from Kaspersky to Syslog.
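
To confirm the forwarder is sending LEEF and not CEF, the received syslog lines can be checked by their format marker. The following is an added example, not part of the add-on or of Kaspersky's tooling; the function names and the sample lines (vendor, product, event ID, hosts) are constructed for illustration.

```python
import re
from collections import Counter

# Matches the format marker that follows the syslog header.
MARKER = re.compile(r"\b(LEEF|CEF):(\d+(?:\.\d+)?)\|")

def parse_event(line):
    """Return format details for one syslog line, or None if no marker is present."""
    m = MARKER.search(line)
    if not m:
        return None
    fmt, version = m.groups()
    if fmt == "CEF":
        return {"format": "CEF", "version": version, "fields": {}}
    # LEEF 1.0 header: Vendor|Product|Version|EventID| then tab-separated key=value.
    # LEEF 2.0 inserts a delimiter field (a character or hex such as x5E) after EventID.
    n_header = 5 if version.startswith("2") else 4
    parts = line[m.end():].split("|", n_header)
    if len(parts) <= n_header:
        return {"format": "LEEF", "version": version, "malformed": True, "fields": {}}
    delim = "\t"
    if n_header == 5 and parts[4]:
        hx = re.fullmatch(r"(?:0x|x)([0-9A-Fa-f]{2})", parts[4])
        delim = chr(int(hx.group(1), 16)) if hx else parts[4]
    fields = dict(kv.split("=", 1) for kv in parts[-1].split(delim) if "=" in kv)
    return {"format": "LEEF", "version": version, "malformed": False,
            "event_id": parts[3], "fields": fields}

def audit(lines):
    """Count formats and list 1-based line numbers that arrived as CEF."""
    counts, cef_lines = Counter(), []
    for n, line in enumerate(lines, 1):
        ev = parse_event(line)
        counts[ev["format"] if ev else "other"] += 1
        if ev and ev["format"] == "CEF":
            cef_lines.append(n)
    return counts, cef_lines

# Constructed sample lines (not captured from a real Kaspersky server).
SAMPLE = [
    "<14>Jan 10 12:00:01 ksc01 LEEF:1.0|KasperskyLab|SecurityCenter|0.0|EXAMPLE_EVENT|cat=Threat\tsev=4\tusrName=alice",
    "<14>Jan 10 12:00:02 ksc01 LEEF:2.0|KasperskyLab|SecurityCenter|0.0|EXAMPLE_EVENT|x5E|cat=Threat^sev=4",
    "<14>Jan 10 12:00:03 ksc01 CEF:0|KasperskyLab|SecurityCenter|0.0|EXAMPLE_EVENT|Example name|4|dhost=ws-017",
    "<14>Jan 10 12:00:04 ksc01 service heartbeat",
]

if __name__ == "__main__":
    counts, cef_lines = audit(SAMPLE)
    print(dict(counts), "CEF on lines:", cef_lines)
```

Any line number reported under CEF means the export on the Kaspersky side is still set to the Splunk (CEF) option.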

Estimated Data Size

The Kaspersky data is not large in terms of license and storage usage, but the volume depends on the number of hosts connected to Kaspersky.


Copyright © 2024 CrossRealms International.