Hye ! I am trying to analyze Windoes firewall logs in splunk Enterprsie locally hosted . Follwings have ben done already: Logs are being ingested successfully to server Can view logs with details App TA-winfw already installed However its missing any IP realetd info like src ip , dst ip and protocol. However I can see these fileds in local file stored at "C:\Windows\System32\LogFiles\Firewall\pfirewall.log" But dont see any such values into splunk ingested log data . Need help and guidance if I am missing anything ? Regards
... View more