
App Control: What are the supported Syslog Formats?

Environment

  • App Control: All supported versions

Question

What are the supported log formats for syslogging?

Answer

The supported formats are:

  • Basic (RFC3164) – the default for upgrades from some previous releases

  • Enhanced (RFC5424) – a newer standard; the default for new installations

  • CEF (HP ArcSight) – the format to use to integrate CB Protection event logs with HP ArcSight ESM or HP ArcSight Logger

  • LEEF (IBM Q1 Labs) – the format to use to integrate CB Protection event logs with IBM Security QRadar Log Manager or IBM Security QRadar SIEM


Additional Notes

  • Ensure the syslog application supports these formats and is configured correctly
  • Not all Syslog applications support these log formats
  • App Control Events Guides are available for all supported versions on the User Exchange
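
To confirm which of the four formats a receiver is actually getting, the added example below (not part of the original article and not vendor code) classifies each message by its header shape. The patterns follow the public RFC 3164, RFC 5424, CEF and LEEF header layouts; the sample messages, host names and vendor/product fields are constructed placeholders, not real App Control output.

```python
import re

# Header shapes come from the public format specifications (RFC 3164, RFC 5424,
# ArcSight CEF, QRadar LEEF); they are not copied from App Control output.
PRI = r"<(?P<pri>\d{1,3})>"
RFC5424 = re.compile(PRI + r"(?P<ver>[1-9]\d?) (\S+) (\S+) (\S+) (\S+) (\S+) (-|\[)")
RFC3164 = re.compile(PRI + r"[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2} \S+ ")
CEF = re.compile(r"CEF:\d+\|")
LEEF = re.compile(r"LEEF:\d+(\.\d+)?\|")
UNESCAPED_PIPE = re.compile(r"(?<!\\)\|")


def classify(line):
    """Return 'CEF', 'LEEF', 'RFC5424', 'RFC3164' or 'unknown' for one message."""
    # CEF and LEEF usually ride behind a syslog header, so search, don't anchor.
    m = CEF.search(line)
    if m and len(UNESCAPED_PIPE.findall(line[m.start():])) >= 7:
        return "CEF"       # version + 6 header fields, then the extension
    m = LEEF.search(line)
    if m and len(UNESCAPED_PIPE.findall(line[m.start():])) >= 5:
        return "LEEF"      # version + vendor, product, version, event ID
    for name, pattern in (("RFC5424", RFC5424), ("RFC3164", RFC3164)):
        m = pattern.match(line)
        # PRI = facility * 8 + severity, so valid values are 0..191.
        if m and int(m.group("pri")) <= 191:
            return name
    return "unknown"


def mismatches(lines, expected):
    """List (line_number, detected_format) for messages not in the expected format."""
    found = ((n, classify(l)) for n, l in enumerate(lines, 1))
    return [(n, fmt) for n, fmt in found if fmt != expected]


# Constructed sample messages; hosts, product names and fields are placeholders.
SAMPLES = [
    "<110>Sep  9 14:02:11 appctl-srv example: File blocked on host WS-01",
    "<110>1 2020-09-09T14:02:11Z appctl-srv example - - - File blocked on host WS-01",
    "<110>Sep  9 14:02:11 appctl-srv CEF:0|ExampleVendor|ExampleProduct|1.0|100|File blocked|5|dhost=WS-01",
    "<110>Sep  9 14:02:11 appctl-srv LEEF:1.0|ExampleVendor|ExampleProduct|1.0|100|dst=WS-01",
    "File blocked on host WS-01",
]

if __name__ == "__main__":
    for number, detected in mismatches(SAMPLES, "RFC5424"):
        print(f"line {number}: expected RFC5424, got {detected}")
```

Run it over a capture from the receiver with `expected` set to the format the receiver is configured to parse; any line it reports is one the receiver is likely to drop or misparse.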

Article Information
Creation Date: 09-09-2020