SEDR does not forward the field "reg_value_result.data" to Splunk

Article ID: 192033

Updated On:

Products

Endpoint Detection and Response, Advanced Threat Protection Platform

Issue/Introduction

When reviewing data sent from Splunk to Symantec Endpoint Detection and Response (SEDR), the field "reg_value_result.data" is missing.

Resolution

This is a known issue which will be resolved in a future release.