4 Replies Latest reply on Jul 27, 2017 12:00 PM by tkinkead

    Syslog xml parsing template with Logstash

    fcb

      Hi All,

       

      We are trying to use the functionality of the syslog registered server from ePO 5.9. However, the only way the files are received is via xml, which would be fine, but McAfee xml files are nested beyond infinity. Has anybody attempted this before? We have logged numerous calls with McAfee, but they just say that their job is done. The files are sent to the syslog server, what we do with it and what we need to do to parse these is our own problem.