• Support
  • Forums
  • Blogs
A New Community Experience is Coming! For more information, please see our announcement.

Plugin For Zimbra Log

RaqheelcazeRaqheelcaze

New Life Form
Hi, i'm newbie to use ossim, and i'm using zimbra. I wanna ask something about zimbra plugin.

Dec 27 09:30:29 mailserver postfix/smtps/smtpd[7381]: 61737942497Z: client=unknown[x.x.x.x], sasl_method=PLAIN, [email protected]

I can see this log via console but i can't see this log via siem gui.
Is it because my plugin cannot parsing this log ?

Need help to parse this log, i need this log to be :
userdata1 = x.x.x.x                                           =====> IP source
userdata2 = sasl_method=PLAIN
userdata3 = [email protected]
Anyone can help me to make regex for that output ?

Thank you in advance.

Share post:

Sign In or Register to comment.