Hi Team,
I could see logs coming from UNIX devices in the below format
<38>Aug 1 13:20:29 dns.customer.net 10.32.9.5 sshd[14171]: Failed password for michal from 10.32.7.28 port 58255 ssh2
When i look into the selected events on the left panel these logs are not getting parse, like username, source ip , port, protocol. Any suggestion please. Logs are coming through rsyslog mechanism using TCP input from the device
... View more