Forum Discussion
Some syslog from Meraki is being truncated
Hi all I'm hoping someone can point me in the right direction please. For some unknown reason some meraki logs are loosing the first 6-7 fields. If I take one sample of a conversation bel...
Are you using the parser?
These queries and workbooks are dependent on a parser based on a Kusto Function to work as expected. Follow the steps to use this Kusto functions alias CiscoMeraki in queries and workbooks. Follow these steps to get this Kusto functions.
https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/CiscoMeraki/CiscoMeraki.txt
These queries and workbooks are dependent on a parser based on a Kusto Function to work as expected. Follow the steps to use this Kusto functions alias CiscoMeraki in queries and workbooks. Follow these steps to get this Kusto functions.
https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/CiscoMeraki/CiscoMeraki.txt
Hi
I started of trying to use the parser but it wasn't matching as expected which prompted me to look at the underlying SyslogMessage. This is where I noticed what was appearing was missing some of the proceeding data.
Is there a way to debug what the collector (oms agent) is sending up ?
thanks
B.