ES 10.0.6, Syslog - you good bro?
I'am not really happy with the log management (even having a hard time calling it that) on the E-Mail Security Appliance, downloading logs for further analysis is a joke and no pleasure at all.
But there is syslog for centralized logging, the savior. #SIDENOTE - the developer of rsyslog just lives a few kilometres away from here, go rsyslog :)
And here ends my story abruptly, the ESA is just not sending anything to the syslog server, even having it at severity level SYSLOG_DEBUG, nothing, nada, nil.
Does anyone configured the ESA forwarding information to a syslog and what information can be expected? The option "send message details" sounded so compelling.