Hi - I have asked my local TAM, but I’ll ask here anyway to get more eyes across it.
I have deployed an NSS server but the outputs are limited to:
Microsoft Cloud App Security (MCAS)
RSA Security Analytics
As you can see there is no native Syslog/TCP
I’m managed to get the NSS server to send data to our local Graylog server by working some magic on the Graylog Inputs, but it’s not an elegant solution and requires me to come up with Regex commands ot extract the fields I need. Laborious at best.
Does anyone else have a better suggestion OR know if Syslog TCP is on the horizon??