Hello everyone, everything good ? I need help.
I configured the log exporter but the events that arrive at the siem are very low, below the evidence.
name: LOG_EXP domain-server: : CK
enabled: true
target-server: 10.0.1.1
target-port: 514
protocol: udp
format: syslog
read-mode: raw
export-attachment-ids: false
export-link: false
export-attachment-link: false
time-in-milli: false
export-log-position: false
reconnect-interval: Not configured, using default
Logs
[4011834176][31 May 12:09:42] Files read rate [adtlog] : Current=0 Avg=0 MinAvg=0 Total=2 buffers (0/0/0/0)
[4028619584][31 May 12:09:47] Files read rate [log] : Current=0 Avg=0 MinAvg=0 Total=13 buffers (0/0/0/0)
[4028619584][31 May 12:09:47] Sent current: 0 average: 0 total: 0
[4011834176][31 May 12:09:47] Files read rate [adtlog] : Current=0 Avg=0 MinAvg=0 Total=2 buffers (0/0/0/0)
[4028619584][31 May 12:09:52] Files read rate [log] : Current=0 Avg=0 MinAvg=0 Total=13 buffers (0/0/0/0)
[4028619584][31 May 12:09:52] Sent current: 0 average: 0 total: 0
[4011834176][31 May 12:09:52] Files read rate [adtlog] : Current=0 Avg=0 MinAvg=0 Total=2 buffers (0/0/0/0)