Comments
-
Hello guys. I think that I've found the solution. If you disable the "Time Stamp" on syslog server definition, using syslog format, the UTC field disapears from syslog message received by wazuh and it could be decoded correctly. Hope this will be useful for you.