A New Community Experience is Coming! For more information, please see our announcement
Hi, i'm newbie to use ossim, and i'm using zimbra. I wanna ask something about zimbra plugin.
Dec 27 09:30:29 mailserver postfix/smtps/smtpd: 61737942497Z: client=unknown[x.x.x.x], sasl_method=PLAIN, [email protected]
I can see this log via console but i can't see this log via siem gui.
Is it because my plugin cannot parsing this log ?
Need help to parse this log, i need this log to be :
userdata1 = x.x.x.x =====> IP source
userdata2 = sasl_method=PLAIN
Anyone can help me to make regex for that output ?
Thank you in advance.