Create an SC4S parser for Akamai Guardicore syslog data

Open: lmsunilsameleti opened this issue 6 months ago • 2 comments

Note: If your issue is not a bug or a feature request, please raise a support ticket through our support portal (Splunk.com > Support > Support Portal). This will help us resolve your issue more efficiently and provide you with better assistance. For more information on how to work with Splunk Support, please refer to this guide.

What is the sc4s version? 3.33.1v

Is there a pcap available? If so, would you prefer to attach it to this issue or send it to Splunk support? NO

What's the vendor name? Akamai

What's the product name? Guardicore

If you're requesting support for a new vendor, do you have any preferences regarding the default index and sourcetype for their events? NO

Do you have syslog documentation or a manual for that device? Yes

Feature Request description: Provide a new parser for Akamai Guardicore to ingest the syslog-formatted data.

Do you want to have it for local usage or prepare a GitHub PR? GitHub PR

Akamai-Guardicore-Syslog-Common Event Format (CEF).pdf

lmsunilsameleti, Apr 15 '25 14:04