Hi,
We are looking to forward all our Events to Graylog.
CEF helps a lot - thanks for implementing.
But only Filtered Websites + Audit Logs are forwarded.
No HIPS-Events, no Device-Events.
A wireshark on the graylog shows no data sent (except the website-filtered)
A Notification with forward to syslog works, but does not contain all information needed
I can't find a filter on Protect Server or anything else that could have filtered these events.