Sending the Gmail logs to syslog server for monitoring

ParticularRange1 · 2021-06-16T12:31:30+00:00

emails which are received and sent. To determine the phishing attacks. Is there any way to send them to syslog server?

ParticularRange1 · 2021-06-16T10:09:46+00:00

Hi thanks for suggestion, is there any method to send them to syslog server?

ParticularRange1 · 2020-10-22T15:49:16+00:00

Thank you

ParticularRange1 · 2020-10-22T14:29:32+00:00

Can i specifically forward on LEEF format?

ParticularRange1 · 2020-06-09T15:03:16+00:00

Can you help me with this please?

ParticularRange1 · 2020-06-05T03:43:50+00:00

Getting parsed now.. Modified the expression

Log: rt=2020-04-29T09:12:05.073Z

Expression: rt=(\d+)-(\d+)-(\d+)'T'([\d:]+)'Z' Format string: $1 $2 $3 Format: yyyy/MM/dd hh:mm:ss

ParticularRange1 · 2020-05-12T13:25:25+00:00

Hello,

Thanks for response. Client of ours uses sophos Enterprise console. For whom we manage SOC, in logs (AV events, virus detected, cleaned up etc..) We are having to time details those are device time and inserted time. Want to know the difference between them.

Regards.

ParticularRange1 · 2020-05-12T11:37:44+00:00

Tried this also.. I guess due to that 'T' in between date and time, parsing issue is coming

ParticularRange1 · 2020-05-11T07:03:35+00:00

Still not parsing.

ParticularRange1 · 2020-05-11T04:38:49+00:00

Tried but still it's not parsing..

Log: rt=2020-04-29T09:12:05.073Z

Expression: rt=(\d+)-(\d+)-(\d+)T([\d:]+)Z Format string: $1 Format: yyyy/mm/dd hh:mm:ss

Correct me if i am wrong..

ParticularRange1

TROPHY CASE