Thanks a lot..sure will do On Fri, 8 Nov, 2019, 9:31 PM Simon Elliston Ball, < [email protected]> wrote:
> Grok cannot easily parse asa on it’s own, which is why there is a separate > parser class for asa. Consider using they parser class in your > configuration (you’ll find details on that in the parser documentation). If > there are messages that are not covered in ten existing map and patterns, > you should consider submitting a PR. > > Simon > > On Fri, 8 Nov 2019 at 07:58, Hema malini <[email protected]> wrote: > >> Hi , >> >> How can i enable that parser? Also the grok patterns in that is missing >> few more sys log firewall messages. Do i have to add that as additional >> parser or can i use grok patterns. >> >> Thanks and Regards, >> Hema >> >> On Fri, 8 Nov, 2019, 8:32 PM Simon Elliston Ball, < >> [email protected]> wrote: >> >>> There is a Cisco ASA parser built into metron. I suggest using that. >>> >>> Simon >>> >>> On Fri, 8 Nov 2019 at 04:50, Hema malini <[email protected]> >>> wrote: >>> >>>> Hi, >>>> Any parser available for firewall logs for Metron. I am trying to >>>> integrate ciscoasa firewall logs with Metron. >>>> >>>> Thanks and regards, >>>> Hema >>>> >>> -- >>> -- >>> simon elliston ball >>> @sireb >>> >> -- > -- > simon elliston ball > @sireb >
