BlueCoat SG810 Event Logging - Enterasys SIEM

  • 0
  • 1
  • Problem
  • Updated 4 years ago
  • Solved

I like to receive through syslog to my SIEM the "event logging" generated by a BlueCoat SG810. I already configured the BlueCoat and in my SIEM, in LOG ACTIVITY, this is what appears

Event Name:Unknown log event
Low Level Category:Unknown Generic Log Event
Event Description:Unknown Generic Log-only event
PAYLOAD (utf): <25>Jun 03 15:01:52 ProxySG: 90000 NTP: Response received from wrong NTP Server: is not SEVERE_ERROR ../ntp.cpp 479

In "LogSource" the spurcedevice didn't appear although there is a logsourcetype "BlueCoat SG Appliance"

Do I need to change or update anything in my SIEM (7.7.2 Patch 2 (Build 636622 (

Or I need to "extract the property" for these events.


Photo of cos


  • 212 Points 100 badge 2x thumb

Posted 4 years ago

  • 0
  • 1

Be the first to post a reply!