Forum Discussion
How to view ingested traffic logs on MCAS
Caroline_LeeThanks for your reply! I've tried exporting the data from where you mentioned but it seems like it's the data of discovered applications only and not the original CEF data which I've ingested for that discovery. The same options are also available under IP addresses and Users tab, but it only exports the respective discovery related data and not the original one.
The purpose of being able to view/export the exact data which I have ingested is to verify whether my ingestion script is working perfectly or not (I want to use continuous reports). Now if I can only see the data fields/records on which the discovery is successful, I would not be able to exactly say whether the data I ingested had no findings when MCAS ran discovery on it or my script messed up and MCAS never actually received that data to perform discovery on.
So for this purpose, only the count of the number of records received by MCAS is also enough. Is there such an option available yet on the MCAS platform?
Thanks!
Microsoftkaushal28 Thanks for the clarification. Currently, you cannot see the actual data ingested in MCAS but you can see the # of uploaded logs if you go to Settings > Log Collector > Datasource tab.