mstopa-splunk

Closing this issue due to the lack of a sample message. Please feel free to open a new one if needed.

Hi, I'm closing this issue due to the now outdated version of SC4S, but feel free to open a new issue if the problems persist on the latest release

I'm closing this issue because it's not possible to reproduce the context needed to solve it. However, feel free to open a new one if you have a feature request...

@PashFW thank you for reporting this and for all the research, it's super helpful. I will try to update the parser by the end of the next week

@PashFW Cisco IOS XR logs are not RFC compliant so we need to rely on parts of messages a lot. Please see changes in https://github.com/splunk/splunk-connect-for-syslog/pull/2270 and test if image `ghcr.io/splunk/splunk-connect-for-syslog/container3:pr-2270@sha256:b07de8f2338b7dab926f3ff9e4e580a54affe63cde68b5a425c60cea7a799fd9`...

fixed in https://github.com/splunk/splunk-connect-for-syslog/pull/2270

hi @Mosstrow reopened this issue

@Mosstrow this works on my end: ``` echo "290692: HOSTNAME RP/0/RSP0/CPU0:Mar 26 14:47:02.754 : SSHD_[65935]: %SECURITY-SSHD-6-INFO_USER_LOGOUT : User 'HELLO' from '8.8.8.8' logged out on 'vty0'" > /dev/udp/0.0.0.0/514 ```  I'm...

If you still have this problem, please send sc4s_tags

@Mosstrow can you try with the image`ghcr.io/splunk/splunk-connect-for-syslog/container3:pr-2399` ?