Getting Data In

Why are there field extraction issues when indexing Barracuda Web Security Gateway via syslog?

pl2345
Path Finder

We've been indexing logs from our Barracuda Web Security Gateway via our syslog server with a default sourcetype of syslog. It works ok but doesn't pull out all the fields and field extraction is hit or miss, as the logs aren't consistent. I've tried the various Barracuda apps and TA's on splunkbase, both current and archived, with no success. Has anyone else solved this problem?

Labels (2)
0 Karma
Get Updates on the Splunk Community!

AppDynamics Summer Webinars

This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...

SOCin’ it to you at Splunk University

Splunk University is expanding its instructor-led learning portfolio with dedicated Security tracks at .conf25 ...

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Organizations handling credit card transactions know that PCI DSS compliance is both critical and complex. The ...