Firewall Integrations | Support Additional Syslog Formats

[ebeahan]

Continuing the work started in #3377

Address these firewall integrations to ensure each is consistent in the syslog formats supported.

Fortinet
Syslog configuration now includes the option to enable RFC5424 format. Docs here.

• RFC5424

Juniper SRX

• RFC3164

Sophos XG
Device Standard Format isn't a standard syslog format according to their docs. Fine to limit our support to Central Reporting Format.

• RFC3164
• RFC5424

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[botelastic]

Hi! We just realized that we haven't looked into this issue in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!

[botelastic]

Hi! We just realized that we haven't looked into this issue in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!