Squid Syslog Subagent Flex Connector Parser

This is a map to my Documents from my old post to Connectors space.

Dear Community,

I have recently accomplished developing a Squid Syslog Subagent parser and this made my life easier to not to install seprate squid connector, sharing log files over the network and lot many issues.

Now I have a Syslog Parser which parses logs from different Squid Versions:

Squid Version Tested:

2.6.STABLE21

2.6.STABLE22

Version 3.1.14 ( Current and latest stable ) This version was not supported with Squid SmartConnector.

Field Mappings are same as Squid SmartConnector with some little changes.

It also takes care of mapping device address field which is not in the case of Squid SmartConnector.

I'm attaching a RAR file which contains Squid.subagent.sdkrfilereader.properties file along with categorization file.

Place the parser in $ARCSIGHT_HOME\user\agent\flexagent\syslog\

and place the categorization squid folder in $ARCSIGHT_HOME\user\agent\acp\categorizer\current\

I'm also attaching screenshot for your information.

https://protect724.hp.com/servlet/JiveServlet/download/3194-1-8099/12-4-2012 6-29-40 PM.png

https://protect724.hp.com/servlet/JiveServlet/download/3194-1-8100/Squid Subagent Parser.rar

Thanks,

Anwar

Squid Subagent Parser.rar
Parents
  • Hello Anwar,

    Good Day,

    Currently, I have to build a custom connector for Array VPN syslog messages which is in Squid and WELF format.

    We are using Logger Software(v5.3.1) on Linux. We have smart connector(V5.1) for windows syslogs.

    Can you plz help o configure/devolp smart connector for Array VPN syslogs.

    Thanks

    Mahesh

Reply
  • Hello Anwar,

    Good Day,

    Currently, I have to build a custom connector for Array VPN syslog messages which is in Squid and WELF format.

    We are using Logger Software(v5.3.1) on Linux. We have smart connector(V5.1) for windows syslogs.

    Can you plz help o configure/devolp smart connector for Array VPN syslogs.

    Thanks

    Mahesh

Children
No Data