My ESM is not parsing nginx logs (I see "unknown event"). I tried to find a regex for nginx in "Advanced Syslog Parser Rule", but did not find one. Is it true that there is no parser rule for nginx and I need to create my own?
You will need to make your own parser. It's always best to make your own; this ensures the valuable fields are parsed from the packets.
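A starting point for such a regex, as an added example that is not part of the original thread: it assumes nginx writes its default "combined" access-log format and forwards it over syslog. The group names and sample lines are constructed for illustration and are not ESM field names; testing the pattern offline like this helps before pasting it into a custom parser rule.

```python
import re

# nginx default "combined" access-log format. search() is used so the
# pattern also matches when a syslog header precedes the nginx payload.
# nginx writes a literal '"' inside a logged value as \x22, so [^"]* is safe.
NGINX_COMBINED = re.compile(
    r'(?P<src_ip>\S+) \S+ (?P<user>\S+) '
    r'\[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\d+) '
    r'"(?P<referer>[^"]*)" "(?P<user_agent>[^"]*)"'
)
# The request line is split separately: probes and TLS handshakes sent to a
# plain-HTTP port produce a request field with no method or URI.
REQUEST_LINE = re.compile(r'(?P<method>[A-Z]+) (?P<uri>\S+) (?P<proto>HTTP/[\d.]+)$')


def parse_line(line):
    """Return a dict of fields, or None if the line is not an access-log entry."""
    m = NGINX_COMBINED.search(line)
    if m is None:
        return None  # e.g. an nginx error-log line; needs its own rule
    fields = m.groupdict()
    req = REQUEST_LINE.match(fields["request"])
    fields.update(req.groupdict() if req
                  else {"method": None, "uri": None, "proto": None})
    fields["status"] = int(fields["status"])
    fields["bytes"] = int(fields["bytes"])
    return fields


# Constructed sample lines (documentation IP ranges, made-up host name).
SAMPLE_LINES = [
    r'<190>Mar  4 10:15:02 web01 nginx: 203.0.113.7 - - [04/Mar/2019:10:15:02 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "Mozilla/5.0"',
    r'<190>Mar  4 10:15:09 web01 nginx: 198.51.100.23 - alice [04/Mar/2019:10:15:09 +0000] "POST /login HTTP/1.1" 401 179 "https://example.com/" "curl/7.58.0"',
    r'<190>Mar  4 10:15:11 web01 nginx: 192.0.2.44 - - [04/Mar/2019:10:15:11 +0000] "\x16\x03\x01" 400 173 "-" "-"',
    r'<187>Mar  4 10:15:12 web01 nginx: 2019/03/04 10:15:12 [error] 1234#0: *5 open() "/var/www/x" failed',
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(parse_line(line))
```

If the server uses a custom `log_format`, the pattern has to be adjusted to match that directive field by field.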