Is it possible to monitor the below 2 situations via SEPM logs forwarded to Splunk via the external logging feature on the SEPM console:
Virus definitions X days old - If we want to alert on machines which have virus definitions X days old? This would help administrators look into possible issues.
Components not functioning properly - For example, auto protect not functioning. This should be reported and alerted.
Thanks, Amar