cancel
Showing results for 
Search instead for 
Did you mean: 

SIEM Collector 11.x

Ive configured a SIEM collector to send generic log tail, but we are not receiveing any logs in the receiver. we checked the debug log and kept seeing this error over and over:

"<131> Oct 03 15:22:54 localhost SIEMCollector ERROR 0 FileTailBookmarkManager::Init Failed to access logs in directory [D:\AS400]: ERROR [18]"

 

can someone help me to determine the problem? thanks

1 Reply
McAfee Employee mherr
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: SIEM Collector 11.x

Can you provide the configuration you are using?    What is the file name format of the files in the directory?

You can try unc path vs. D:\AS400  such as \\server\d$\AS400\

Also, can you validate the filemask matches the files in the directory?  Can you try *.log if they end in log?

McAfee ePO Support Center Plug-in
Check out the new McAfee ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.