graylog-fortigate-syslog icon indicating copy to clipboard operation
graylog-fortigate-syslog copied to clipboard

Published 20 hours ago verified publisher icon seanthegeek

Logs are routed to default stream & only processed into FortiGate Syslog a day later

Open Rudiedevries opened this issue 2 years ago • 1 comments

We have data/logs coming into the Graylog server, but it goes directly into the default stream.

When testing the "FortiGate Syslog" stream rule against logs being received, it stated " This message would be routed to this stream!"

But its still routing into the default, please advise...

When the solution is left over night it seems that it does process the logs into the correct stream, but this only happened afterhours, and i am not sure if this moved all data as well.

Rudiedevries avatar Apr 21 '23 11:04 Rudiedevries

Try with the latest release. I updated the stream regex rule to cover more serial numbers.

seanthegeek avatar Feb 25 '24 16:02 seanthegeek