Highlighted
kunal.r Respected Contributor.
Respected Contributor.
231 views

Logs with no DeviceVendor and DeviceProduct name

We are receiving some logs with no DeviceVendor and DeviceProduct name. Due to this we are getting "Unknown" in "Top Event Sources" dashboard. This is happening mostly for Windows security Audit log : "Microsoft-Windows-Security-Auditing:5158 & 5156". We are getting "Microsoft Windows" as Device Vendor and product, but the event count for the same is very less, most of the events from "windowsfg" are coming to our ESM without any Device Vendor or product information whereas till the logger appliance (from smartconnector) the device vendor and product information is coming.

Kindly help in addressing this issue.

Labels (3)
0 Likes
4 Replies
Super Contributor.. Alexandros Naoum Super Contributor..
Super Contributor..

Re: Logs with no DeviceVendor and DeviceProduct name

Hi,

That could be a parsing issue. What version of wuc you are use?

0 Likes
Gayan Acclaimed Contributor.
Acclaimed Contributor.

Re: Logs with no DeviceVendor and DeviceProduct name

Hi Kunal,

What is your connector version ?

Cheers

Gayan

Mr
0 Likes
kunal.r Respected Contributor.
Respected Contributor.

Re: Logs with no DeviceVendor and DeviceProduct name

Hi Gayan,

The smart connector version is 7.3.0.7886.0 (x64)

Thanks and Regards,

Kunal.

0 Likes
kunal.r Respected Contributor.
Respected Contributor.

Re: Logs with no DeviceVendor and DeviceProduct name

Hi,

The smart connector version is 7.3.0.7886.0 (x64)

Thanks and Regards,

Kunal.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.