0 Replies Latest reply on Mar 27, 2013 3:56 PM by Chrystal Taylor

    Test Syslogs

    Chrystal Taylor

      So, we have set up on a Windows box to send test syslogs to the LEM.  Problem is that I have not yet been able to get them to show up in the web console, and even doing a scan for new nodes does not turn up those nodes that we have sending syslog.  I have been sending test syslogs with Engineers Toolset.  I can see them in the log store, and have tried to alter like the syslog snort connector to look into those specific log stores.  Still nothing.  So, my question is:  Are they not showing up because LEM does not know how to parse and normalize them?  We are not currently saving the raw logs, so my hunch is that this has something to do with it.  We are getting logs from an ASA but my client is hesitant to add any other devices as those tests are not showing up.  They are a bit gun shy as it were in case they won't see all of the logs that they are sending.  Which won't be a problem if it is a supported data source and the connectors are configured, as I already know. 

       

      Thanks,

      Chrystal Taylor

      http://www.loop1systems.com