Closed narsree1 closed 6 days ago
Hi @narsree1, the log format provided in the attached documentation doesn't seem to be right, and they provided only one example. Can you fetch more examples into a pcap file?
It seems that we haven't had any activity during the last 2 weeks. @narsree1, can you please share a pcap file (with the logs that your Sucuri device is producing)? You can send it to me by email at ikheifets@splunk.com
@narsree1 I haven't got your pcap by email. Did you send it?
Closing this issue because I haven't got a pcap file from @narsree1 and, in general, there has been no reaction from @narsree1.
**What is the sc4s version?** 3.23.0
**Is there a pcap available? If so, would you prefer to attach it to this issue or send it to Splunk support?** No
**What's the vendor name?** Sucuri
**What's the product name?** WAF
**If you're requesting support for a new vendor, do you have any preferences regarding the default index and sourcetype for their events?** index:Sucuri, Sourcetype: sucuri:alert
**Do you have syslog documentation or a manual for that device?** https://docs.sucuri.net/website-firewall/configuration/integrating-with-splunk/
**Feature Request description:** create a parser to parse events for Sucuri
**Do you want to have it for local usage or prepare a github PR?** local usage