Forum Discussion
Cisco IronPort .
We are trying to collect "CEF" logs from Cisco IronPort using Azure Sentinel. Syslog forwarder is configured on RHEL machine. we do get data for "syslog". However nothing under the "CommonSe...
Thanks. I was under impression that IronPort is kind of cisco ASA.
We actually got the syslog for facility and auth.
Cisco Secure Email Gateway (aka IronPort) does support CEF formatted logs but you have to add a New Log Subscription and select the fields you want in single log line format. These logs can be delivered via syslog or AWS S3 buckets.