Sonicwall parser


Sonicwall parser
View
Options
Author
Message
marcin.wrazidlo
marcin.wrazidlo
marcin.wrazidlo
posted 5 Years Ago
Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)
Group: Forum Members
Posts: 12, Visits: 58
I'm trying to set up a parser for the Sonicwall firewall.
I stop at moment on message.
I have two similar messages:
msg="Connection Closed" app=7927 n=12234655
msg="Connection Opened" app=49177 appName="General HTTPS" n=5319205
as you see on one is "appName". I worry that If this is missing in line, the parser will give me en error. Or not?
At moment whole message is in one column but I want to split it into different columns.
Reply Like 6
Reply
marcin.wrazidlo
marcin.wrazidlo
marcin.wrazidlo
posted 5 Years Ago
Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)Gaining Respect (128 reputation)
Group: Forum Members
Posts: 12, Visits: 58
Hi Toby
Thanks for your response and info.
I will look into this multi parser.

Regarding key-value I think this will be useful in some cases, so waiting to hear about a new version of your app. 

Marcin
Reply Like 6
GO

Merge Selected

Merge into selected topic...



Merge into merge target...



Merge into a specific topic ID...



Submit

Threaded View
Threaded View
Sonicwall parser
marcin.wrazidlo - 5 Years Ago
     Hi Marcin, You are correct - the LogViewPlus PatternParser cannot...
LogViewPlus Support - 5 Years Ago
             Hi Toby Thanks for your response and info. I will look into this multi...
marcin.wrazidlo - 5 Years Ago

Similar Topics

Post Quoted Reply

Login

Explore
Messages
Mentions
Search