0 Replies Latest reply on Jan 9, 2016 10:09 AM by abhattacharjee

    Manual map from raw syslog

    abhattacharjee

      Added a proxy data source. I can see some of the information that are mentioned in raw log is not mapped in any field in ESM.

       

      Is there anyway other than writing a entire parser for all the logs that I can only change some part of the existing regex and map fields that fits my requirement.