I do not need a solution (just sharing information)
Hello all,
does anyone of you know which field in the log-messages from the Symantec Endpoint Protection Server contains the Download-Website Value which is visible on the client system when viewing a Security-Alarm.
When i look at a Security-Alarm (Security Risk found or Virus found) on the Client-System i can see the URL the file was downloaded from.
I want to see this value in our SIEM-Solution.
Thanks in Advance.
0
