Does anyone know if there is a way to configure how syslogs are received in NPM?
I am doing log forwarding from my SIEM, but it will not take the syslog from the SIEM.
The SIEM is sending <PRIORITY> TIMESTAMP HOSTNAME MESSAGE, but NPM just puts the HOSTNAME as part of the message, it does not accept it as the HOSTNAME or IP address as fields.
How can I correct that?
RFC-3164 states that this is how messages should be forwarded.
Thanks for any insight.
Jason