CB Defense: Syslog Error: Output_Format of JSON or CEF was not Specified

Environment

  • CB Defense Web Console: All Versions
  • CB Defense Syslog Connector: All Supported Versions

Symptoms

  • Error found in cb-defense-syslog.log file: 
    ERROR - output_format of json or cef was not specified
  • Not receiving data into API or SIEM

Cause

The connector's cb-defense-syslog.conf file needs to be updated.

Resolution

Add the output format to the cb-defense-syslog.conf file immediately following the "policy_action_severity" section:
#
# Output format of the data sent. Currently support json or cef formats
#
# Warning: if using json output_format, we recommend NOT using UDP output_type
#
output_format=<format_type_here>

Additional Notes

  • The output_format field supports "json" and "cef" values.
  • The value defaults to "cef" if not specified.
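To confirm the change on the connector host, the following check (an added example, not part of the original article or the connector) reads a cb-defense-syslog.conf file and reports whether output_format is set to a supported value. The function names, the return codes and the lowercase spelling "udp" for the UDP output_type are assumptions of this example.

```shell
#!/bin/sh
# Added example: validate output_format in a cb-defense-syslog.conf file.
# Return codes (chosen for this example): 0 ok, 1 not set,
# 2 unsupported value, 3 json combined with UDP output_type, 4 unreadable file.

# get_conf_value FILE KEY: print the last active "KEY=value", lowercased.
# Section headers are ignored, so the key is found wherever it was added.
get_conf_value() {
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }                  # skip commented-out lines
        index($0, "=") > 0 {
            k = substr($0, 1, index($0, "=") - 1)
            gsub(/[ \t]/, "", k)
            if (k == key) {
                v = substr($0, index($0, "=") + 1)
                gsub(/^[ \t]+|[ \t\r]+$/, "", v)  # trim spaces and a CR
                val = tolower(v)
            }
        }
        END { print val }' "$1"
}

check_output_format() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 4; }
    fmt=$(get_conf_value "$conf" output_format)
    otype=$(get_conf_value "$conf" output_type)
    case "$fmt" in
        "")   echo "output_format is not set"; return 1 ;;
        cef)  echo "output_format=cef"; return 0 ;;
        json)
            if [ "$otype" = "udp" ]; then       # assumed spelling of UDP
                echo "json over UDP output_type is not recommended"
                return 3
            fi
            echo "output_format=json"; return 0 ;;
        *)    echo "unsupported output_format: $fmt"; return 2 ;;
    esac
}

# Stand-alone use: pass the path to the configuration file.
if [ $# -gt 0 ]; then check_output_format "$1"; fi
```

A return code of 2 also catches the <format_type_here> placeholder being left in the file unedited.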

Creation Date: 09-09-2020