Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.
Cadet 1st Class Cadet 1st Class
Cadet 1st Class
1040 views

Syslog Connector is not parsing some of the Events

Hi,

I have Syslog Connector(7.3.1) which is not parsing some of the Firewalls(Juniper and ASA)  and Router(Cisco) Events.So  the name of Event itself is coming as unparsed  Events in the Connector.Please anyone help to make this Unparsed Events to get parsed.

Labels (1)
0 Likes
3 Replies
Fleet Admiral
Fleet Admiral

Hi Darshan,

1st you can see what are those unparse event using tcpdump. Then you may be needed edit relevant Syslog parser file. But I  have never done it before.

Mr
0 Likes
Lieutenant Commander
Lieutenant Commander

Any solution for this? I tried to upgrade the parser and connector version for some connector it worked but for couple of ,no luck. 

Any solid solution would be highly appreciated!

Best,

JJ

0 Likes
Vice Admiral Vice Admiral
Vice Admiral

You are using a VERY old connector version.. i'd suggest that you consider upgrading.
I'm also assuming that your network devices which are sending the syslogs are running "current" (supported) software.

There were a number of parser updates in the 7.8.0 release which resolved a lot of the Juniper "Unparsed event" - look at the release notes for the SmartConnector framework releases for information on what parsers were updated.

I'd suggest you look at upgrading to 7.9.0 (as there's an issue with 7.8.0 when sending to logger destinations)..

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.