I could absolutely be approaching this the wrong way.
I have a syslog server that is receiving syslog data from other devices on the network. I need to forward these logs to OSSIM for inspection. I have the forwarding set up correctly on the syslog server side; I can verify this by watching a tcpdump from the syslog server: I see 514/UDP being transmitted to OSSIM, and a tcpdump from OSSIM sees the same.
My question probably is simply scoped like this: do I need to add a plugin at the asset level for this to work? There's no "Vendor" for "CentOS" but there IS one for "Red Hat", but there's also one for "Linux" and "syslog". The logs that will be forwarded from this server include firewall logs, critical server logs, etc. So there are many different logs to be parsing.
I added the "Syslog" plugin just for testing but it says "Receiving Data: No". Any help would be great. Thanks!