Hello, I setup a syslog sensor which is successfully receiving messages from my SonicWall with one minor issue. The sensor isn't parsing the different fields on the messages tab view. Everything appears in the "Message" field. Below is an example of what I see in the Message field. I would think it should parse the message and put the value of time= into the "Timestamp (Device)" field, app= into the "App Name" field, etc but it's not.
id=TZ500 sn=xxxxxxxxxxx time="2019-03-15 22:45:19" fw=xxx.xxx.xxx.xxx pri=6 c=1024 gcat=6 m=537 msg="Connection Closed" src=192.168.18.138:55934:X1 dst=192.168.3.14:161:X1 proto=udp/161 sent=107 spkt=1 vpnpolicy="Newark" app=39 n=28799134 fw_action="NA"
Did I configure something wrong on the sensor?
Article Comments
Hi Bob,
No we never heard something regarding this matter. This being said, please reach out as described above but we have to start from scratch in this case.
Best,
Sebastian
Jul, 2020 - Permalink
Hello epgalli,
Thank you very much for your contact.
In this particular case, I'd like to encourage you to contact us via PRTG directly. We will need some log files from the sensor and its configuration which is better provided via email than via the knowledge base.
Your case will be taken over either by my colleagues or myself.
Thank you very much in advance.
Best regards,
Sebastian
Mar, 2019 - Permalink