Highlighted
Erik-F Absent Member.
Absent Member.
434 views

Extract raw syslog to file from a connector

Hi!

I need to write a Syslog Flex Connector and need to get the logs before I can do that.

I have the option on the Connector to add a new destination as CEF file or CSV file. The raw syslog hasn't the possibility to send it to a file. How do I proceed to get the logs to a file in a format so I can write the parser?

Labels (3)
0 Likes
Reply
2 Replies
Established Member.. anwarrhce1
Established Member..

Re: Extract raw syslog to file from a connector

What kind of device it is ? If you device is not capable to writing logs to a file then you should install syslog connector and point your device here.

You have two option 1. In connector define the destnation as csv file 2. define destination as manager and create a active channel, select the name/message field events in active channel and export to csv.

You need to write a Syslog Subagent parser.

Regards,

Anwar

0 Likes
Reply
Erik-F Absent Member.
Absent Member.

Re: Extract raw syslog to file from a connector

I figured it out myself. What i was looking for was:

Configure a csv destination. Add the field event.rawEvent

That makes it easier to create a parser.

0 Likes
Reply
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.