Description: This video will walk through the download and install of the Splunk Real-Time Output App and show how it can be used to forward CEF events to ArcSight. This concept can be used to forward either CEF or KV events to any third-party security product.
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.