cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tiwake
Level 7
Report Inappropriate Content
Message 1 of 9
‎01-13-2016 07:04 PM

McAfee SIEM cannot show the UTM firewall's raw log

McAfee cannot see the real raw log of Netasq UTM firewall. It can get the log as SMTP code xx – id = firewall (picture No.1) but it can get the real log of StoneGate firewall (picture No.2).


Please kindly see the attached.

Is there any solution to fix it?

0 Kudos
Reply
8 Replies
catdaddy
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 9
‎01-13-2016 07:31 PM

Re: McAfee SIEM cannot show the UTM firewall's raw log

Being a Consumer Products Moderator, I am not well versed on Enterprise/Corporate products. However do you feel that the Forum would be better suited for assistance ?

If so I can move your thread there.

Regards,

CD

Cliff
McAfee Volunteer
0 Kudos
Reply
tiwake
Level 7
Report Inappropriate Content
Message 3 of 9
‎01-13-2016 07:36 PM

Re: McAfee SIEM cannot show the UTM firewall's raw log

Please move.

0 Kudos
Reply
catdaddy
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 9
‎01-13-2016 07:41 PM

Re: McAfee SIEM cannot show the UTM firewall's raw log

Moved to Security Information and Event Management (SIEM) >Discussion > Discussions

Per request/Better Assistance

Cliff

Moderator

Cliff
McAfee Volunteer
0 Kudos
Reply
xded
Level 12
Report Inappropriate Content
Message 5 of 9
‎01-14-2016 12:55 AM

Re: McAfee SIEM cannot show the UTM firewall's raw log

What do you mean with can't see the raw log?

Do you want to sse the original Log from the DataSource over the ELM or do you want to pars the log from your Datasource?

0 Kudos
Reply
tiwake
Level 7
Report Inappropriate Content
Message 6 of 9
‎01-14-2016 01:06 AM

Re: McAfee SIEM cannot show the UTM firewall's raw log

I want to sse the original Log from the DataSource over the ELM

0 Kudos
Reply
xded
Level 12
Report Inappropriate Content
Message 7 of 9
‎01-14-2016 01:39 AM

Re: McAfee SIEM cannot show the UTM firewall's raw log

If the Datasource is logging to ELM than

1. Select one Event

2. make a Event drilldown to Events

3. Select the Event you want to see in raw log

4. click on the last tab there must be a tab from your ELM

5. Search the Events you want to see

0 Kudos
Reply
tiwake
Level 7
Report Inappropriate Content
Message 8 of 9
‎01-21-2016 12:37 AM

Re: McAfee SIEM cannot show the UTM firewall's raw log

Thank you for help.

How can I pars the log from data source?

0 Kudos
Reply
xded
Level 12
Report Inappropriate Content
Message 9 of 9
‎01-25-2016 12:47 AM

Re: McAfee SIEM cannot show the UTM firewall's raw log

1). with the original parser from mcafee

2). with your own parser you write

     -> in the top right of the ESm console you have right the Systemproperties an icon click on it. There you can write your own parser. Be carefull pls.

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC