I am currently having a problem with the built in header parsing of Mcafee. Usually when I get a packet to which there is a syslog header the Mcafee parser automatically extracts the host name from the header and appropriately fills it in the host field. Yet in certain parsers and certain packets this does not apply even though the packets are in the same format as packets from which the header is extracted correctly. Does anyone know what could be the cause to this and how to remedy it?
Could you provide more details please? With which specific parsers/ packets do you experience issues. Plese provide your exact configuration and version. If not done already, you may want to raise a Service Request to get this investigated in more detail.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.