Forum Discussion
Christian_Lozach
Apr 08, 2020 (Copper Contributor)
How does CEF know where to look on Syslog server for logs? Documentation unclear.
Hi, I'm trying to get ASA data into Sentinel and can't figure out how the Syslog agent is supposed to know where to look for our ASA logs. The documentation labels these 4 steps: Select or creat...
mperrotta
Apr 09, 2020 (Brass Contributor)
The VM you configured basically just acts as a relay for sending events from your ASA into Sentinel.
From my understanding of how this works on the Syslog server, once you enable the connectors, it enables regex parameters on the collector to parse the data.
When you run the validation script you should see syslog messages being logged while it runs. If you don't see this, then there is an issue somewhere with your configuration.