The Deep Discovery Web
Inspector Syslog
Content Mapping Guide provides information about log management standards and syntaxes
for
implementing syslog events in Trend Micro
Deep Discovery Web
Inspector.
To enable flexible integration with third-party log management systems, Deep Discovery Web
Inspector supports the following syslog
formats:
|
Log Management System
|
Description
|
|
Common Event Format (CEF)
For details, see Syslog Content Mapping - CEF
|
CEF is an open log management standard created by HP ArcSight.
Deep Discovery Web
Inspector uses a subset
of the CEF dictionary.
|
|
Log Event Extended Format (LEEF)
For details, see Syslog Content Mapping - LEEF
|
LEEF is an event format developed for IBM Security QRadar.
Deep Discovery Web
Inspector uses a
subset of the LEEF dictionary.
|
|
Trend Micro Event Format (TMEF)
For details, see Syslog Content Mapping - TMEF
|
TMEF is a superset of log fields that allow a third-party syslog collector to
better control and mitigate detection events provided by Deep Discovery Web
Inspector.
|