Hi all,
I have a fortigate event that contains all the valuable info in a GenTrapMessage OID. The event looks something like the one below
"
What I want to do is display in the Event Name of a trigger the eventtime in date/time format and in the correct timezone. Does anyone have a clue how I can do this?
I can easily regex it out of the whole message, but I have no clue how to do the conversion.
Thanks,
V
I have a fortigate event that contains all the valuable info in a GenTrapMessage OID. The event looks something like the one below
<116> subject=csfname:N/A device=DEV_NAME severity=medium from=SOURCE_NAME trigger=Fortigate forward filter= log="logver=0700000066 idseq=72385337757794304 itime=1620290394 devid=DEV_SERIAL_NUMBER devname=DEV_NAME vd=VDOM date=2021-05-06 time=01:39:51 eventtime=1620290392085777601 tz="-0700" logid="0100044547" type="event" subtype="system" level="information" logdesc="Object attribute configured" user="admin" ui="GUI" action="Edit" cfgtid=9371680 cfgpath="system.interface" cfgobj="port2" cfgattr="status[up->down]" msg="Edit system.interface port2""
What I want to do is display in the Event Name of a trigger the eventtime in date/time format and in the correct timezone. Does anyone have a clue how I can do this?
I can easily regex it out of the whole message, but I have no clue how to do the conversion.
Thanks,
V
Comment