In addition to what Andrew said, if by ESM you refer to McAfee ESM, then
you need to be mindful it expects the system to send data in a particular
format and the data source to be configured on what the call a Forwarder.


On Fri, Feb 23, 2018 at 11:49 PM, John Smith <> wrote:

> Was just wondering how you (or anyone else) managed to solve this problem?
> We're doing something similar in that we're using Nifi to collect all our
> syslogs (using GetSysLog) and processing and forwarding it on to our ESM
> (using PutSysLog). The IP address which shows up in our ESM is the IP
> address of our Nifi box sending the syslog packets which is not ideal to
> say
> the least! My current thought is to write a custom processor but it would
> be
> good if I didn't have to do this!
> --
> Sent from:

Reply via email to