Options to send syslog in RFC5424 format

ian.ranstrom · April 15, 2026, 12:13pm

What is a one sentence summary of your feature request?

Add tags to NTP agent that allow RFC5424 to be matched.

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

Timestamps currently only present in local or UTC format. Timestamp format ISO 8601 should be available 2026-03-29T22:31:30.000Z. Product refers to itself as Netwrix Threat Prevention, spaces are not allowed in this format and should be Netwrix-Threat-Prevention.

How do you currently solve the challenges you have by not having this feature?

Currently no workaround as the SIEM being used is not ingesting events properly due to missing formats.

kevin.joyce · April 22, 2026, 11:55pm

Hi Ian,

Thanks for this submission! What SIEM platform are they leveraging that only accepts RFC5424? I’ll review this with the team, but that information would help.

Topic		Replies	Views
Request to enable SIEM log forwarding formats (CEF or LEEF format) Ideas under-review , ideas , siem	3	79	February 13, 2026
Syslog with TLS Ideas password-secure , already-exists , ideas	3	72	March 30, 2026
Patch Version 7.4.0.229 Released News threat-prevention , announcement , release-patch	0	51	July 31, 2025
Patch Version 7.5.0.224 Released News threat-prevention , announcement , release-patch	0	74	July 31, 2025
Enhanced NTP Agent Log Collection Ideas threat-prevention , under-review , ideas , threat-prevention-agents	1	34	June 20, 2025

Options to send syslog in RFC5424 format

What is a one sentence summary of your feature request?

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

How do you currently solve the challenges you have by not having this feature?

Related topics