Hi, We are using a custom syslog header to parse Windows Events into syslog format, but it does not seem to be picking up the structured data.
In our custom syslog header, we have referenced %syslogstructdata% and we are trying to set a property so that syslogstructdata is equal to the structured XML of the windows event. We are unable to get this to come through and can only get it if we use logpoint SIEM JSON format. Kind regards, James _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
