Forum Discussion
mnagel
6 years agoProfessor
Yeah, I posted at least one FR on this -- it would be necessary to define a correlation key that tracks an incident. We have used SEC for this previously which provided primitives for handling incidents using that key, but there is no similar capability in LM. We will probably look at moving Windows event capture into SumoLogic as we were forced to after finding syslog from routers and switches does not work.
Related Content
- 2 months ago
- 8 months ago
- 2 years ago
- 5 months ago