User Profile
SentNewbie
Copper Contributor
Joined Feb 03, 2022
User Widgets
Recent Discussions
Re: Log Forwarder with multiple log sources to Sentinel
Hey, did you get anywhere with this? I'm in a similar position, we've got fw logs coming through as CEF (successfully) and a Citrix Netscaler which the logs are coming into port 514 but the log forwarder is not pushing those logs to port 25226. I've created the rules and even tried it on port 25224 ( as per the Sentinel guides for Syslog) but cant seem to get the logs from incoming port 514 to 127.0.0.1:25226 and then sentinel. I've configured the filters using rsyslog, and added everything needed for the logs.3.9KViews0likes0Comments
Recent Blog Articles
No content to show