Hi I want to ingest sophos intercept x endpoint logs to elasticsearch. Through API im getting the alerts on syslog but the sophos filebeat module does not support alerts as it says it support only firewall logs. can u tell me how to get the sophos EDR alerts on Elasticsearch siem
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.