The most recent content from our members.
This is related to another question, I'm still working on resolving. Until that is resolved though, I was wondering about using part of a field when making rules. Specifically, for my Cisco syslogs, the EventInfo field shows the hostname followed by a bunch of other information. For example: EventInfo: SWITCHNAME: Jul 20…
It looks like you're new here. Sign in or register to get started.