Hi Osama,
DSM Guide is covering Forcepoint Sidewinder 6.1 (formerly known as McAfee Firewall Enterprise 6.1, Stonesoft Management Center 5.4 to 6.1 (Forcepoint), Forcepoint TRITON 7.7, and 8.2 (formerly known as Websense), Forcepoint V-Series Data Security Suite (DSS) 7.1x (formerly known as Websense) and Forcepoint V-Series Content Gateway V7.1x (formerley known as Websense). So you got 5 different logsource types to configure by default in 7.5.0. Not sure where your DLP is located - pls outline type and version. In case its not covered by default pls use DSMedit to support you unknown logsource type. Before make sure your logsource config is correct. Unknown data when adding a lnew logsource often fail when manually configured. Typical problem is wrong syslog header where hostname and source ip address are interchenged between whats configured versus whats atually coming in. Pls provide a screenshot how it actually looks like in log activity.
------------------------------
[Karl] [Jaeger] [Business Partner]
[QRadar Specialist]
[pro4bizz]
[Karlsruhe] [Germany]
[4972190981722]
------------------------------
Original Message:
Sent: Wed January 10, 2024 10:24 AM
From: osama ahmed
Subject: forcepoint Dlp with qradar
Anyone have any idea how we can integrate Forcepoint DLP with Qradar., when i integrade it it recieved as unknown
------------------------------
osama ahmed
------------------------------