Cisco Iron Port

Document created by sboa@loc.gov on May 14, 2013
Version 1Show Document
  • View in full screen mode

I have installed Cisco Iron Port using one of my Syslog connectors, I see logs in ArcSight, however all of the data from the record is in the name or message field. Can someone help me to configure ArcSight to parse out the message into independent fields and provide definitions for each field? Any information or help would be much appreciated. Thanks

Attachments

    Outcomes