ES 7.15 FileBeats Sophos XG module not separating data into variables

@Samy_Weee Yes, please do.

Completed.

@stephenb I am a bit confused now; here is why...

I am finding where the root cause was.

As per the documentation here.

In the Sophos logging settings we are supposed to choose "Central Reporting Format" (from the module documentation):

The syslog format chosen in Sophos configuration should be Central Reporting Format.

When I do that, what I documented is what we get. (We have been troubleshooting this.)
There is another format in Sophos, i.e. "Device Standard Format"; with that one I am seeing that variables such as "recv_bytes" are available.

So my guess is whoever wrote the module wrote it for the "Device Standard Format" log format, but the documentation is for "Central Reporting Format".

Still, there are some numeric variables missing, e.g. in cfiler.yml.

So I think it is better to stick to our bug report and fix this for "Central Reporting Format".


@Samy_Weee Great analysis! Can you add that into the bug too? That seems to make a lot of sense!

Thanks so much for all your work on this!
