Hi Christian, Under no circumstance should an upgrade remove SSL
certificates on the Supervisor, workers, or collectors. Those should be
preserved and config restored on upgrade. If it is not, it would be a
bug. I'll ask the team if this is a known i...
This parser doesn't make use of any custom attributes not available in
7.2.0. The temporary variables starting with _ such as _duration do not
have any impact on valid parsing of the event. This parser also parses
the sample logs given so far correct...
This log you attached parses perfectly fine with the attached parser.
Perhaps there is some issue with the changes not taking effect. Please
open a TAC case so we can see the issue directly. In the TAC case,
please export all the Citrix logs to CSV f...
All attributes used in the parser are default system attributes in 7.2.x
of FortiSIEM. The sample log used was the one you provided here: <134>
07/22/2024:07:47:27 GMT VNS01 0-PPE-0 : default SSLVPN LOGOUT 240699 0 :
Context userroot@2.2.2.2 - Sessio...
I tested successfully in 7.2.0 FSM as well for the sample event
provided. When you cloned the system citrix parser, did you delete the
entire parser logic, and paste in the entire parser file attached above?
I used the same file contents in my test. ...