The last time that ESI was updated was in 2012.
I was wondering if ESI will be modified to fully function with Security Analytics.
Or are there any other tools that can be used to build XML-based log parsers?
Only ESI so far, and it's working. The XML version needs to be 2.0. I asked a question previously; you may check the old post:
How to deploy the event source package created by ESI?
OK, quick update here. I updated ESI with the latest event source update, and although I can properly parse messages with my parser, I get the following error message:
"Report is not generated because the message definition contains tags unsupported by ESI".
Any idea what causes this error message?
Where do you see the error? Can you share the samples so I can check on my computer?
I've attached the test xml parser and test log.
Please let me know if you find anything.
Sorry for the late reply; let me check and update you.
Where do you get the error? I opened it, but all the 3 logs are not parsed.
I even tried this with existing XML parsers with sample logs.
All the log messages were parsed on the header and message side.
Once I try and run the Event Analysis Report, the report completes but I get the following error for the message:
Report is not generated because the message definition contains tags unsupported by ESI.
Thanks a lot. I'll give this a shot.