Hi guys,
I'd like to set correlation rule that would be able to capture any CISCO Nexus messages on severity 0 ,1 and 2. I've created correlation rule with content function in use. That was easy.
But I don't know how to capture messages which are not being parsed. Unfortunately most of Hardware messages are not parsed and Content function is able to search only in payload. Any idea how to solve it?
