Unable to fetch logs


#1

Hi Everyone,

I recently forwarded my Cylance syslog traffic to DNIF… but I couldn’t see any logs in Search.

Please help me to fix this issue.


#2

Hi @Arjun

Could you please let me know the status for the following:

  • Check whether your DNIF Docker container is in a running state.
  • Check the running status of all the services.
  • Can you verify using “tcpdump” if the logs are being forwarded to the DNIF Adapter IP?

#3

Hi Riccardo,

Thank you for your reply.

Actually, my Cylance is hosted in the cloud.

Could you please briefly assist me with what I have to do now?

Also, when I gave this command "tcpdump -D", it shows everything is up.


#4

@Arjun - could you use tcpdump on port 514 and check if events are being forwarded from the desired IP address (Cylance device)?