You could change the 'Support Generic Syslog' setting to 'Log unknown' under the data source and it should show you any unparsed messages. From your screenshot it looks like you might have a few output format options on your device so you might want to try one of the other ones. You can post a sample for confirmation. Thanks.
Copy/paste and updated ASP rule to "Synology_DSM CIFS client accessed shared folder (v6.2)". This matches sample log in the Policy Editor but is not being parsed as yet into my SIEM. Regular Expression:
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.