Hello Everyone, I have a cluster Ironport running AsyncOS Version: 13.5.3-010. I want to send email logs to a SIEM Server to centralize monitoring and analysis. But the logs sent to the SIEM are very short and missing a lot of information. For example: A log re...
Hi Ken Stieers, Following your guide helped me put my information into single log events as I wanted. But some information is still missing. For example, the Email Subject: I'm not sure whether it is encoded or completely missing. Below are the raw logs: <38>De...
Hi Balaji, Thank you for your reply. I'm using QRadar SIEM and it has an application for Cisco ESA but not Cisco Ironport. I read the App requirements and I noticed the version name is just like the OS of Ironport but maybe the OS of Cisco ESA and Iro...
Hi Balaji, Thank you for your reply. I'm using QRadar and it only supports the monitoring app for Cisco ESA but not the Cisco IronPort. The OS names of Cisco Ironport and ESA seem the same to me, but I'm not sure whether there is any difference inside. I ...