I working on integrating Sophos firewall via UDP --> screenshot attached
I'm receiving the logs perfectly but I had an issue with no correct parsing of the data, and since all the log details are on the same field and the dashboard not getting the information correctly -- > screenshot attached.
elastic v 8.9.1
fleet server with elastic agent
any assistance
Hi @Ahmad_Shrateh,
Sorry for the late response.
It looks like an error in the integration's pipeline while decoding the events. Is this happening with every Sophos log that the integration receives? or with a particular type of log?
It would be very helpful if you provide the log(s) that are not being parsed as expected (please replace any sensitive data) so we can reproduce the issue and apply a fix.
Thanks!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
