Flex connector : Log parsing issue
I faced some issue while deploying the flex connector.🤔
1) from agent.log i grabbed some error one of them is [ERROR][default.com.arcsight.agent.configtool.h$a][correctFile] Cannot write to [/opt/local/monit/watchdog/appliance-connectors.monitrc]
2) however FW is allowed and network is good but the flex can not parse the events. while i tried to use Syslog message sender software to send custom Syslog message; the flex connector receive and parse form the mentioned software i can see the parsed logs in the ESM and Logger.
3) Any one know how to parse the syslog in to one token i want to map all the log detail into message field or name field ?
Appreciate your kind support..