Re: CA Signed Certificate process

Rob_SIEM · 07-25-2024

Hi Christian, Under no circumstance should an upgrade remove SSL certificates on the Supervisor, workers, or collectors. Those should be preserved and config restored on upgrade. If it is not, it would be a bug. I'll ask the team if this is a known i...

Rob_SIEM · 07-25-2024

This parser doesn't make use of any custom attributes not available in 7.2.0. The temporary variables starting with _ such as _duration do not have any impact on valid parsing of the event. This parser also parses the sample logs given so far correct...

Rob_SIEM · 07-24-2024

This log you attached parses perfectly fine with the attached parser. Perhaps there is some issue with the changes not taking effect. Please open a TAC case so we can see the issue directly. In the TAC case, please export all the Citrix logs to CSV f...

Rob_SIEM · 07-24-2024

All attributes used in the parser are default system attributes in 7.2.x of FortiSIEM. The sample log used was the one you provided here: <134> 07/22/2024:07:47:27 GMT VNS01 0-PPE-0 : default SSLVPN LOGOUT 240699 0 : Context userroot@2.2.2.2 - Sessio...

Rob_SIEM · 07-24-2024

I tested successfully in 7.2.0 FSM as well for the sample event provided. When you cloned the system citrix parser, did you delete the entire parser logic, and paste in the entire parser file attached above? I used the same file contents in my test. ...

User Statistics

User Activity

Re: CA Signed Certificate process

Re: Citrix Netscaler Parser

Re: Citrix Netscaler Parser

Re: Citrix Netscaler Parser

Re: Citrix Netscaler Parser

Re: CA Signed Certificate process

KCS