Showing results for 
Search instead for 
Did you mean: 
Level 10
Report Inappropriate Content
Message 1 of 2

How to parse log files via CIFS and ASP

I need to parse log files in txt from an inhouse application, i'm trying to configure a Datasource of type Syslog via CIFS, at this point is connecting to the share, but how to create rules, i am testing with a server.log from epo and this is the format in the logs without headers:

20131130195109    I    #07672    NAIMSRV     Processing agent props for micvmove07(F86663EF-B8BB-E111-839A-000000000000)

20131130195109    I    #07672    NAIMSRV     Sending props response for agent micvmove07, agent has up-to-date policy

The doc is very ambigous and not clear, anybody has a example?



1 Reply
Level 7
Report Inappropriate Content
Message 2 of 2

Re: How to parse log files via CIFS and ASP

You can access : to parser log .

i has example

i have event log query dns of BIND 9 :

<166>named[28925]: queries: info: client view localhost_resolver: query: IN A +

i  parser  rule parser as:


when at policy editor :


you can read : to can know rule parser