Forum Discussion
Syslog host IP issues
Has anybody run into an issue within syslogs where IP addresses are showing up in the SyslogMessage column, but not in the the HostIP column? I am seeing ssh attempts from IP's but the originating IP...
Hi
Is this syslog from a local machine with the agent? Or syslog CEF where a message is being sent via CEF to a machine with the agent?
Either way, could you share the source message format? and a screen capture of the data in the Azure Sentinel workspace?