cancel
Showing results for 
Search instead for 
Did you mean: 

receiver gets syslog raw logs and parsed it but ESM doesn't show events

Jump to solution

I have ESM Nitro 9.5.0. i am facing a problem with configuring syslog, when added data source in esm, Reciever is showing logs and also parsed it but not showing in ESM whereas all the database table of ESM are build successfully.

1 Solution

Accepted Solutions

Re: receiver gets syslog raw logs and parsed it but ESM doesn't show events

Jump to solution

At the data source configuration, did you set the "Log unknown events" as below?

If the logs sent are not supported by McAfee, you will have to create your own custom parser to parse the data.

1 Reply

Re: receiver gets syslog raw logs and parsed it but ESM doesn't show events

Jump to solution

At the data source configuration, did you set the "Log unknown events" as below?

If the logs sent are not supported by McAfee, you will have to create your own custom parser to parse the data.