|Applies To||RSA Product Set: Security Analytics|
RSA Product/Service Type: Log Decoder, Security Analytics UI
RSA Version/Condition: 10.3.x, 10.4.x
O/S Version: EL6
|Issue||Logs from Proofpoint version 7.5 and above that are consumed by a Security Analytics log decoder are not being parsed correctly by the proofpoint log parser.|
The device.type meta for the logs is labeled as "unknown" in the Security Analytics UI.
|Cause||At this time the proofpoint log parser does not support logs from Proofpoint 7.5 and above.|
|Resolution||An updated log parser is scheduled to be released as part of ESU #78 during the first week of March, 2015.|