[rsyslog-notify] Forum Thread: Re: omudspoof and ASA - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Thu Feb 27 00:10:37 CET 2014
User: zangfro
Forumlink: http://kb.monitorware.com/viewtopic.php?p=24263#p24263
Message:
----------
One thing i did notice, is that it looks for the most part that cisco ios
devices are being properly parsed, with messages here and there from the
ASA showing the source ip as the far-end rsyslog server in the problem
SIEM.
the devices that are not working at all and only showing the src ip as the
far-end rsyslog server in the SIEM are F5 and vmware, i'm sure there may be
others, but those stick out right now... currently looking at the syslog
messages they send, no doubt different than cisco's.
thanks for all your help
More information about the rsyslog-notify
mailing list