i have a problem in source field value for certain clients appearing as a month name instead of its IP/hostname.
the common issue is that these clients are for vendor Huawei & they are routers of series NE40E
They might not send well-formed syslog messages which is parsed incorrectly by Graylog’s syslog inputs.
Try using custom extractors (or pipeline rules) for these devices.
Can you support with documentation link to help with this?
Another question please can extractors support to force source field to list the device hostname exactly?
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.