Alexander Keilhofer 0 Posted April 4 Share Posted April 4 Hi, We are looking to forward all our Events to Graylog. CEF helps a lot - thanks for implementing. But only Filtered Websites + Audit Logs are forwarded. No HIPS-Events, no Device-Events. A wireshark on the graylog shows no data sent (except the website-filtered) A Notification with forward to syslog works, but does not contain all information needed I can't find a filter on Protect Server or anything else that could have filtered these events. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.