cancel
Showing results for 
Search instead for 
Did you mean: 
aszotek
Level 10
Report Inappropriate Content
Message 1 of 6

XML parser - is it there or even planned?

Jump to solution

Hi All,

I doubt that ESM is able to parse XML at current version (9.4.2), but happy to be proved wrong.

Please let me know if anybody has any info/rumors about XML support in Nitro.

Thanks

1 Solution

Accepted Solutions
Highlighted

Re: XML parser - is it there or even planned?

Jump to solution

Yes, 9.4.2 has support for XML parsing.  Attached is a screenshot showing a simple example:

2-4-2015 7-53-37 AM.png

Scott

5 Replies
Highlighted

Re: XML parser - is it there or even planned?

Jump to solution

Yes, 9.4.2 has support for XML parsing.  Attached is a screenshot showing a simple example:

2-4-2015 7-53-37 AM.png

Scott

rcavey
Level 9
Report Inappropriate Content
Message 3 of 6

Re: XML parser - is it there or even planned?

Jump to solution

Scott,

This would be awesome if I could implement some XML parsing... we have logs from a few servers which are essentially XML that are forward to machine syslog -> syslog'd to Nitro. Are you saying we should be able to parse that?  From your example above, how is that sample data making it's way in to the receiver??   syslog or some other transport?

Thanks a bunch,

  -Bob

Re: XML parser - is it there or even planned?

Jump to solution

Most often XML-formatted logs come in via a file import (via FTP, SCP, etc.) Syslog was designed for relatively smallish messages, and can get cranky when you try to send large messages, depending on your implementation.  That said, I see no reason why syslog wouldn't work.  In my example, the sample you see was simply manually copied/pasted from a sample file directly into the ASP editor. 

Scott

rcavey
Level 9
Report Inappropriate Content
Message 5 of 6

Re: XML parser - is it there or even planned?

Jump to solution

Thanks Scott ...  appreciate it!

d_j
Level 7
Report Inappropriate Content
Message 6 of 6

Re: XML parser - is it there or even planned?

Jump to solution

Scott, with the ASP built, how does one get the log in if its a log from a custom piece of software and from and airgap network? Could I just manually upload the long somewhere? I was looking through the data sources and of course, because its custom software, there are no suitable options.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community