Showing results for 
Search instead for 
Did you mean: 

Receiving ASP via syslog-ng relay

Hi there,

Is anyone using syslog-ng relayed data sources?

I am looking to integrate SIEM with some big data log sources but could not find any clear definition about what the raw syslog-ng relayed data sources look like.

I am aware that the SIEM works with both Splunk and Syslog-ng servers as relays but given the platforms I'm using aren't supported relays I will more likely have to template my data streams to match the format expected by McAfee.

Anyone able to help?


1 Reply

Re: Receiving ASP via syslog-ng relay

I forgot to check the Online Help before asking...

Details can be found on Help:

Home > Configuring the ESM > Configuring devices > Event Receiver settings > Receiver data sources > Syslog relay support

One day I will get used to the idea that the majority (if not all) of this product's help cannot be found using Google searches... LMGTFY 🙂


More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support

    • Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center