Hi all i ran into a problem while i, getting logs from Force-Point ,"security events" from a Syslog daemon connector
the problem is that the device is Sending the Epoch time in seconds to the rt field and then the END TIME is a shown the date in End Time : 19 Jan 1970 09:19:46 IST
in all the logs
i tried to use additional regex parsing but it dont work
<159>Feb 13 10:34:37 10.113.0.33 CEF:0|Forcepoint|Security|
Smartconnector version is ArcSight 7.14
any suggestion ?