The Deep Discovery Email
Inspector Syslog
Content Mapping Guide provides information about log management standards and syntaxes
for
implementing syslog events in Trend Micro
Deep Discovery Email
Inspector.
To enable flexible integration with third-party log management systems, Deep Discovery Email
Inspector supports the following syslog
formats:
|
Log Management System
|
Description
|
|
Common Event Format (CEF)
For details, see Syslog Content Mapping - CEF
|
CEF is an open log management standard created by HP ArcSight.
Deep Discovery Email
Inspector uses a subset
of the CEF dictionary.
|
|
Log Event Extended Format (LEEF)
For details, see Syslog Content Mapping - LEEF
|
LEEF is an event format developed for IBM Security QRadar.
Deep Discovery Email
Inspector uses a
subset of the LEEF dictionary.
|
|
Trend Micro Event Format (TMEF)
For details, see Syslog Content Mapping - TMEF
|
TMEF is a superset of log fields that allow a third-party syslog collector to
better control and mitigate detection events provided by Deep Discovery Email
Inspector.
|