Hi @Mock - ,
Thanks for reaching out.
Based on the error message you provided, it seems that the issue is related to the timestamp format in the log message. The error message indicates that the timestamp format is invalid.
Regarding the format of the logs, the Common Event Format (CEF) is a standard format for security-related logs.
To resolve the issue, you can try changing the timestamp format in the log message to match the expected format. You can also check the configuration of the syslog daemon to ensure that it is configured to use the correct format. The syslog daemon should be configured to use the RFC 3164 format, which is the default format for syslog messages.
If you are using syslog-ng, you can check the configuration file /etc/syslog-ng/syslog-ng.conf and update the format.
After making any changes to the configuration files, you will need to restart the syslog daemon for the changes to take effect.
Hope this will help.
Thanks,
Shweta
Please remember to "Accept Answer" if the answer helped you.
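A small checker for the two formats named in the answer above, added here as an illustration and not part of the reply or of any vendor tool: it validates the RFC 3164 timestamp at the start of a syslog line and the pipe-delimited CEF header that follows it. The function name `check_line` and the sample lines are constructed for this example.

```python
import re
from datetime import datetime

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()

# RFC 3164 header: optional <PRI>, "Mmm dd hh:mm:ss" (single-digit days are
# space-padded), hostname, then the message that should carry the CEF record.
HEADER = re.compile(
    r"^(?:<\d{1,3}>)?"
    r"(?P<mon>[A-Z][a-z]{2}) (?P<day> [1-9]|[12]\d|3[01]) "
    r"(?P<h>\d{2}):(?P<m>\d{2}):(?P<s>\d{2}) "
    r"(?P<host>\S+) (?P<msg>.*)$"
)

def check_line(line, year=None):
    """Return (ok, reason) for one syslog line expected to wrap a CEF record."""
    hdr = HEADER.match(line)
    if not hdr or hdr["mon"] not in MONTHS:
        return False, "timestamp is not in RFC 3164 'Mmm dd hh:mm:ss' form"
    try:
        # RFC 3164 has no year field; one is supplied only to validate the date.
        datetime(year or datetime.now().year, MONTHS.index(hdr["mon"]) + 1,
                 int(hdr["day"]), int(hdr["h"]), int(hdr["m"]), int(hdr["s"]))
    except ValueError as exc:
        return False, f"timestamp is not a real date/time: {exc}"
    start = hdr["msg"].find("CEF:")
    if start < 0:
        return False, "no CEF: record after the syslog header"
    # CEF header: 7 fields split on unescaped '|'; anything after is the extension.
    fields = re.split(r"(?<!\\)\|", hdr["msg"][start:], maxsplit=7)
    if len(fields) < 7 or not fields[0][4:].isdigit():
        return False, "CEF header needs 7 pipe-delimited fields after 'CEF:<version>'"
    return True, "ok"

# Constructed sample lines (not taken from the question).
SAMPLES = [
    "<134>Jan  5 10:15:02 fw01 CEF:0|ExampleVendor|ExampleProduct|1.0|100|Test event|5|src=10.0.0.1",
    "<134>2024-01-05T10:15:02Z fw01 CEF:0|ExampleVendor|ExampleProduct|1.0|100|Test event|5|src=10.0.0.1",
    "<134>Feb 30 10:15:02 fw01 CEF:0|ExampleVendor|ExampleProduct|1.0|100|Test event|5|",
    "<134>Jan 15 10:15:02 fw01 CEF:0|ExampleVendor|ExampleProduct|1.0",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(check_line(sample), sample[:40])
```

Running the checker over a few lines captured on the collector shows whether the sender is emitting an ISO 8601 timestamp or a truncated CEF header before any daemon configuration is changed.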