Absent Member.

Logger 6.1: receive logs in CEF format from CentOS

We have ArcSight Logger 6.1 installed. We want to send CentOS syslogs to the Logger and see them on the ArcSight console in CEF format. At present we have configured the CentOS rsyslog daemon to send logs to ArcSight Logger at UDP port 5924 (configured UDP receiver). The logs are coming but are in RAW format.

We want to receive the logs in CEF format. How can we do that? I tried to search for it and think that I need to install a collector on the Logger server that will convert the logs to CEF. Is that correct? If so, how do I do that?

Kindly help,

Thanks

Micro Focus Expert

You will need to set up a SmartMessage receiver, install a syslog daemon SmartConnector, and set up the destination as SmartMessage.

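To make the RAW versus CEF difference in this thread concrete, the following added example (not part of the original posts, and not the SmartConnector's own parsing logic) turns one RFC 3164-style syslog line into a CEF:0 record with the escaping CEF requires. The sample line, the `ExampleVendor`/`ExampleProduct`/`1.0` header values and the severity mapping are assumptions made for illustration.

```python
import re

# Constructed sample: one RFC 3164-style line as rsyslog on CentOS might forward it.
RAW = "<38>Mar  3 10:15:02 centos7 sshd[2211]: Failed password for root from 192.0.2.10 port 22 ssh2"

SYSLOG_RE = re.compile(
    r"<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<proc>[^\[:\s]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)", re.S)

# Assumed mapping from syslog severity (0 = emergency) to CEF severity (10 = highest).
CEF_SEVERITY = {0: 10, 1: 9, 2: 8, 3: 7, 4: 5, 5: 3, 6: 2, 7: 1}

def esc_header(value):
    # CEF header fields: escape backslash first, then the pipe delimiter.
    return value.replace("\\", "\\\\").replace("|", "\\|")

def esc_ext(value):
    # CEF extension values: escape backslash and '=', encode newlines as \n.
    return (value.replace("\\", "\\\\").replace("=", "\\=")
                 .replace("\r\n", "\\n").replace("\n", "\\n"))

def syslog_to_cef(line):
    m = SYSLOG_RE.match(line)
    if m is None:
        raise ValueError("not an RFC 3164-style syslog line")
    pri = int(m["pri"])
    if pri > 191:  # PRI = facility * 8 + severity, facility 0..23
        raise ValueError("PRI out of range")
    # Header: version|vendor|product|device version|event class id|name|severity
    header = ["CEF:0", "ExampleVendor", "ExampleProduct", "1.0",
              esc_header(m["proc"]), esc_header(m["msg"]),
              str(CEF_SEVERITY[pri % 8])]
    ext = {"dvchost": m["host"], "deviceProcessName": m["proc"]}
    if m["pid"]:
        ext["dvcpid"] = m["pid"]
    ext["msg"] = m["msg"]
    extension = " ".join(f"{k}={esc_ext(v)}" for k, v in ext.items())
    return "|".join(header) + "|" + extension

if __name__ == "__main__":
    print(syslog_to_cef(RAW))
```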