1 Reply Latest reply on Sep 18, 2015 8:21 AM by rhinomike

    Receiving ASP via syslog-ng relay

    rhinomike

      Hi there,

      Is anyone using syslog-ng relayed data sources?

      I am looking to integrate SIEM with some big data log sources but could not find any clear definition about what the raw syslog-ng relayed data sources look like.

      I am aware that the SIEM works with both Splunk and Syslog-ng servers as relays, but given the platforms I'm using aren't supported relays, I will more likely have to template my data streams to match the format expected by McAfee.

      Anyone able to help?

      Cheers

        • 1. Re: Receiving ASP via syslog-ng relay
          rhinomike

          I forgot to check the Online Help before asking...

          Details can be found on Help:

          Home > Configuring the ESM > Configuring devices > Event Receiver settings > Receiver data sources > Syslog relay support

          One day I will get used to the idea that the majority (if not all) of this product's help cannot be found using Google searches... LMGTFY :-)

          Cheers