As far as I followed the video tutorials, I see that we can ingest custom data via REST API in JSON format or via Syslog in CEF format. But what if a network device only sends syslog in the simple format? I assume I could use rsyslog on a Linux server as well, but since it is not in CEF format it would need a custom table and a dedicated DCR. If there is such a solution, can you make a tutorial of that as well? Would be much appreciated.
Thank you!!! This is exactly what I was looking for and very thoroughly explained. Great job sir!
Glad it was helpful!
Videos are very nice
Please do one video on phishing analysis
Amazing