SIEM agent app selection not working
Article ID: 172666
Updated On:
Products
CASB Security Standard
CASB Security Premium
CASB Security Advanced
CASB Audit
CASB Gateway
CASB Gateway Advanced
Issue/Introduction
CloudSOC/CASB
Trying to use the --app switch does not filter for app-specific logs.
Cause
The SIEM agent --app switch requires case-sensitive input.
Resolution
Use the following syntax to obtain AWS-specific logs from the tenant using SIEM agents:
--app "Amazon Web Services"
Additional Information
For more information see: Delivering logs with SIEM
Feedback
Yes
No
Powered by
