In order to feed a SIEM using syslog, I think it's useful to provide the payload in both encoding formats: ascii and hexadecimal. To cover this, I added the "aschex" format that does that so we keep the best of both worlds:
ascii encoding provides a quick way to read part of the payload (without considering special encoding for '<', '>' and '&')
hexadecimal encoding lets you see the detail of each byte
Using payload_encoding aschex, the payload appears as two strings (asc and hex) separated by a space separator.
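On the receiving (SIEM) side, a field in this layout can be split and checked as sketched here. This is an added example, not code from the patch: it assumes the hex string contains no spaces while the asc string may, so the last space is taken as the separator, and the names `parse_aschex` and `hidden_bytes` and the sample field are constructed for illustration.

```python
import binascii

# Constructed sample field: asc view, one space, hex view.
# Assumption: non-printable bytes are rendered as '.' in the asc view.
SAMPLE = "GET /a b.. 474554202F6120620001"


def parse_aschex(field: str) -> dict:
    """Split an aschex payload field into its asc and hex parts.

    The asc part is kept only as a human-readable preview; the bytes
    decoded from the hex part are what detection logic should match on.
    """
    # The asc view can itself contain spaces, so split on the LAST one.
    asc, sep, hx = field.rpartition(" ")
    if not sep:
        raise ValueError("no space separator between asc and hex parts")
    try:
        raw = binascii.unhexlify(hx)  # rejects odd length and non-hex chars
    except (binascii.Error, ValueError) as exc:
        raise ValueError(f"hex part is not valid hex: {exc}") from None
    return {"asc": asc, "hex": hx, "raw": raw}


def hidden_bytes(raw: bytes) -> list:
    """Return (offset, value) for bytes outside printable ASCII (0x20-0x7e).

    These are the bytes the asc view cannot show faithfully.
    """
    return [(i, b) for i, b in enumerate(raw) if not 0x20 <= b <= 0x7E]


if __name__ == "__main__":
    parsed = parse_aschex(SAMPLE)
    print("preview :", parsed["asc"])
    print("bytes   :", parsed["raw"])
    for offset, value in hidden_bytes(parsed["raw"]):
        print(f"non-printable 0x{value:02x} at offset {offset}")
```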