Views:

CEF System Logs

CEF Key
Description
Value 
Header (logVer)
CEF format version
CEF: 0
Header (vendor)
Appliance vendor
Trend Micro
Header (pname)
Appliance product
Deep Discovery Inspector
Header (pver)
Appliance version
Example: 3.8.1181
Header (eventid)
Signature ID
  • 300102
  • 300999
Header (eventName)
Description
Example: The system time setting has been changed.
Header (severity)
Severity
  • 2: Informational
  • 4: Warning
  • 6: Severe
Example: 2
c6a2
Source IPv6 address
Example: 2001:0:0:1::21
c6a2Label
Source IPv6 address
 Source IPv6 Address
deviceExternalId
Appliance GUID
Example: 6B593E17AFB7-40FBBB28-A4CE-0462-A536
duser
Action by
Example: admin
dvc
Appliance IP address
Example: 10.1.144.199
dvchost
Appliance host name
Example: localhost
dvcmac
Appliance MAC address
Example: 00:0C:29:6E:CB:F9
outcome
Outcome
  • Success
  • Failure
Example: Success
rt
Log generation time
Example: Mar 09 2015 17:05:21 GMT+08:00
src
User IP address
Example: 10.1.1.1
Log sample:
CEF:0|Trend Micro|Deep Discovery Inspector|3.8.1175|300999|T
he system time setting has been changed.|2|dvc=10.201.156.14
3 dvcmac=00:0C:29:A6:53:0C dvchost=ddi38-143 deviceExternalI
d=6B593E17AFB7-40FBBB28-A4CE-0462-A536 rt=Mar 09 2015 16:46:
08 GMT+08:00