eStreamer has got a lot of disadvantages (e.g. extra Perl modules, pull technology, etc.). So I was planning to use "syslog" from Cisco Firesight/Defence Centre. Does anyone know if there are issues with Firesight syslog? Is any data missing if we use syslog?
I can see the Splunk-supported add-on works with both eStreamer output and syslog. So the preferred way for us is to go with syslog.
It would be very helpful to know if any of you have implemented this using Firesight syslog.