McAfee cannot see the real raw log of Netasq UTM firewall. It can get the log as SMTP code xx – id = firewall (picture No.1) but it can get the real log of StoneGate firewall (picture No.2).
Please kindly see the attached.
Is there any solution to fix it?
If the Datasource is logging to ELM than
1. Select one Event
2. make a Event drilldown to Events
3. Select the Event you want to see in raw log
4. click on the last tab there must be a tab from your ELM
5. Search the Events you want to see
1). with the original parser from mcafee
2). with your own parser you write
-> in the top right of the ESm console you have right the Systemproperties an icon click on it. There you can write your own parser. Be carefull pls.