I am monitoring SSL traffic into and out of our network using LEM. All of the traffic coming from inside our firewall has no source listed. Do I need to do something to get this IP to show up?
If you look at the original logs, do they include the information that you care about? If so, what sort of device is sending that information to LEM?
