In addition to what Andrew said, if by ESM you refer to McAfee ESM, then
you need to be mindful it expects the system to send data in a particular
format and the data source to be configured on what the call a Forwarder.
On Fri, Feb 23, 2018 at 11:49 PM, John Smith <mc...@hotmail.co.uk> wrote:
> Was just wondering how you (or anyone else) managed to solve this problem?
> We're doing something similar in that we're using Nifi to collect all our
> syslogs (using GetSysLog) and processing and forwarding it on to our ESM
> (using PutSysLog). The IP address which shows up in our ESM is the IP
> address of our Nifi box sending the syslog packets which is not ideal to
> the least! My current thought is to write a custom processor but it would
> good if I didn't have to do this!
> Sent from: http://apache-nifi-developer-list.39713.n7.nabble.com/