Has anyone parsing aplication Weblogic logs? I have problem with correct send logs to Mcafee SIEM. I used Mcafee SIEM collector. Bottom I pasted my configuration. Logs send to SIEM but orignal logs have some lines from other logs in parsing log which should have two line. Parsing is correct.
Below example bad send log, I pasted from SIEM column Packet :
"WPPM_PROVIDER:WP5_PROD WPPM_BL_PROVIDER_INSTANCE:ST_PROD INFO [15-03-2016 10:58:04.651] (WebMethodsProviderPayload.java:341) invocationXML [id_pinstance=15019912,id_user=626420,id_process=7791102,pr_name=xxxxxxx,provider=xxxxxx,timeMarker=2016-03-15 10:58:04]"
I marked red color part log which can't be in this log. What method do you recommend to retrieve multiline logs variable structure ?
INFO [15-03-2016 04:13:38.950] (WppmEngineDAO.java:776)
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.