Created on 10-05-2016 01:25 AM Edited on 03-23-2022 01:08 PM By Anonymous
Description
You have syslog events from a device that AccelOps supports, yet the Event Type is being assigned Unknown_EventType.
Currently, AO parsers require a PRID in the syslog header for an event to be parsed correctly.
Example of a syslog event without a PRID:
Aug 22 12:31:07.418: %SYS-5-CONFIG_I: Configured from console by joeadmin on vty0 (10.10.10.10)
And here is how AO parses this event:
Example of a syslog event with a PRID (the leading <187>):
<187>47258: Aug 22 12:31:07.418: %SYS-5-CONFIG_I: Configured from console by joeadmin on vty0 (10.10.10.10)
And here is how AO parses this event:
NOTE:
The PRID will be optional starting in version 3.7.1.
Version Application
All < 3.7.1
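A pre-check for this condition, as an added example that is not AccelOps code: it takes the PRID to be the standard syslog priority field (the <187> prefix in the sample event) and reports which raw lines arrive without one. The function names are hypothetical, and the sample lines are the two events quoted in this article.

```python
import re

# Syslog PRI: "<" + 1-3 digits + ">" at the very start of the message.
PRI_RE = re.compile(r"^<(\d{1,3})>")
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]


def parse_pri(line):
    """Return (facility, severity_name) for a valid leading PRI, else None."""
    m = PRI_RE.match(line)
    if not m:
        return None
    value = int(m.group(1))
    if value > 191:  # highest valid value is facility 23, severity 7
        return None
    # PRI = facility * 8 + severity
    return value // 8, SEVERITIES[value % 8]


def missing_pri(lines):
    """Return (line_number, line) for each non-empty line lacking a valid PRI."""
    return [(n, line) for n, line in enumerate(lines, 1)
            if line.strip() and parse_pri(line) is None]


# The two sample events quoted in this article.
SAMPLES = [
    "<187>47258: Aug 22 12:31:07.418: %SYS-5-CONFIG_I: "
    "Configured from console by joeadmin on vty0 (10.10.10.10)",
    "Aug 22 12:31:07.418: %SYS-5-CONFIG_I: "
    "Configured from console by joeadmin on vty0 (10.10.10.10)",
]

if __name__ == "__main__":
    for n, line in missing_pri(SAMPLES):
        print(f"line {n}: no PRI header, expect Unknown_EventType "
              f"on versions < 3.7.1: {line}")
```

Run it over a capture of what the device actually sends to find sources that need their syslog configuration checked before the events reach the parser.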