Logs with no DeviceVendor and DeviceProduct name
We are receiving some logs with no DeviceVendor and DeviceProduct name. Due to this we are getting "Unknown" in "Top Event Sources" dashboard. This is happening mostly for Windows security Audit log : "Microsoft-Windows-Security-Auditing:5158 & 5156". We are getting "Microsoft Windows" as Device Vendor and product, but the event count for the same is very less, most of the events from "windowsfg" are coming to our ESM without any Device Vendor or product information whereas till the logger appliance (from smartconnector) the device vendor and product information is coming.
Kindly help in addressing this issue.