The Trend Micro™ Syslog Content Mapping Guide provides information about log management standards and syntaxes for implementing syslog events in Trend Micro Deep Discovery Inspector.

To enable flexible integration with third-party log management systems, Deep Discovery Inspector supports the following syslog formats:

| Log Management System | Description |
|---|---|
| Common Event Format (CEF). For details, see Syslog content mapping - CEF | CEF is an open log management standard created by HP ArcSight. Deep Discovery Inspector uses a subset of the CEF dictionary. |
| Log Event Extended Format (LEEF). For details, see Syslog content mapping - LEEF | LEEF is an event format developed for IBM Security QRadar. Deep Discovery Inspector uses a subset of the LEEF dictionary. |
| Trend Micro Event Format (TMEF). For details, see Syslog content mapping - TMEF | TMEF is a superset of log fields that allow a third-party syslog collector to better control and mitigate detection events provided by Deep Discovery Inspector. |