cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

NGINX logs to ESM

Jump to solution

Hi everybody.

My ESM not parsing ngnix logs (I see "unknown event"). I tried to find regex for nginx in "Advanced Syslog Parser Rule", but not found. It's a true, that there is no parser rule for nginx and I need to create my own?

1 Solution

Accepted Solutions
Reliable Contributor brenta
Reliable Contributor
Report Inappropriate Content
Message 2 of 2

Re: NGINX logs to ESM

Jump to solution

You will need to make your own parser. It's always best to make your own, this ensures the valuable fields are parsed from the packets.

Brent
1 Reply
Reliable Contributor brenta
Reliable Contributor
Report Inappropriate Content
Message 2 of 2

Re: NGINX logs to ESM

Jump to solution

You will need to make your own parser. It's always best to make your own, this ensures the valuable fields are parsed from the packets.

Brent
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator