The CloudSOC Splunk SIEM agent is not exporting all logs

Article ID: 171237

Products

CASB Security Standard, CASB Security Premium, CASB Security Advanced, CASB Audit, CASB Gateway, CASB Gateway Advanced, Data Loss Prevention Cloud Package

Issue/Introduction

CloudSOC

The Splunk SIEM agent exports only the logs related to content inspection and policy violations.
It does not export other activities.  
 

Resolution

To ensure that all logs are collected, run the agent with this command:

/usr/bin/python splunk_agent.py --severity all