Hey guys,
Trying to format a custom log source from file.
It fails to get picked up by the sample logs, and fails due to inability to find the date.
I am looking for the time field that I have highlighted, but all my attempts to create the custom field are not recognized. How might I format this?
id=DEVICEREMOVED sn=SERIALREMOVED time="2021-04-21 20:05:05" fw=192.168.0.119 pri=1 c=0 m=1154 msg="Application Control Detection Alert: PROTOCOLS SSH Protocol -- Client Request Outbound" sid=10097 appcat="PROTOCOLS SSH Protocol -- Client Request Outbound" appid=129 catid=74 n=15698 src=X.X.X.X:52689:X3 dst=X.X.X.X:22:X0 srcMac=MACREDMOVED dstMac=MACREDMOVED proto=tcp/22 fw_action="NA"
I am trying to forward specific events to Site24 so I can create a simple dashboard. In this case, it is several Sonicwall firewalls.
Thanks!
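Added example (not from the poster, and not Site24x7's own field-definition syntax): a small parser that splits a SonicWall-style key=value line like the one in the post and pulls the event time out of the quoted time= value. The regex, function names and the sample line are my constructions; the sample line reproduces the post's redacted entry, so the addresses and identifiers are placeholders. The point it demonstrates is that the timestamp the collector must recognise is the quoted value with the quotes stripped, in the layout YYYY-MM-DD HH:MM:SS, and that a line with a missing or malformed time= should be reported rather than silently dropped.

```python
import re
from datetime import datetime

# Constructed sample line modelled on the redacted SonicWall entry in the post
# (device id, serial, MACs and addresses are placeholders, not real values).
SAMPLE_LINE = (
    'id=DEVICEREMOVED sn=SERIALREMOVED time="2021-04-21 20:05:05" fw=192.168.0.119 '
    'pri=1 c=0 m=1154 msg="Application Control Detection Alert: PROTOCOLS SSH Protocol '
    '-- Client Request Outbound" sid=10097 appcat="PROTOCOLS SSH Protocol -- Client '
    'Request Outbound" appid=129 catid=74 n=15698 src=X.X.X.X:52689:X3 dst=X.X.X.X:22:X0 '
    'srcMac=MACREDMOVED dstMac=MACREDMOVED proto=tcp/22 fw_action="NA"'
)

# One key=value pair: the value is either a double-quoted string (which may
# contain spaces, '=' and '--') or a run of non-whitespace characters.
_KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Layout of the time= value in the post: YYYY-MM-DD HH:MM:SS (no timezone,
# so the collector has to be told which zone the firewall clock is in).
TIME_FORMAT = "%Y-%m-%d %H:%M:%S"


def parse_kv_line(line):
    """Split a SonicWall-style key=value line into a dict.

    Quoted values keep their inner spaces; the surrounding quotes are dropped.
    Unquoted values run up to the next whitespace (e.g. src=X.X.X.X:52689:X3).
    """
    fields = {}
    for match in _KV_RE.finditer(line):
        key, quoted, bare = match.groups()
        fields[key] = quoted if quoted is not None else bare
    return fields


def extract_timestamp(line):
    """Return the event time as a naive datetime.

    Returns None (instead of raising) when the time= field is absent or does
    not match TIME_FORMAT, so a caller can count and surface such lines
    rather than lose them, which is exactly the failure mode in the post.
    """
    raw = parse_kv_line(line).get("time")
    if raw is None:
        return None
    try:
        return datetime.strptime(raw, TIME_FORMAT)
    except ValueError:
        return None


def event_time_iso(line):
    """ISO 8601 form of the event time, or None if it could not be parsed."""
    ts = extract_timestamp(line)
    return ts.isoformat() if ts is not None else None


if __name__ == "__main__":
    fields = parse_kv_line(SAMPLE_LINE)
    print("time :", event_time_iso(SAMPLE_LINE))
    print("msg  :", fields["msg"])
    print("flow :", fields["src"], "->", fields["dst"], fields["proto"])
```

Whatever syntax the collector uses for custom date fields, the pattern it has to match is the value inside the quotes, `2021-04-21 20:05:05`, not the `time="..."` token as a whole; a pattern that includes the quotes or expects a `T` separator will fail on every line in the same way the post describes.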