To enable flexible integration with third-party log management systems, TMWS supports Common Event Format
(CEF) as the syslog message format.
Common Event Format (CEF) is an open log management standard created by HP
ArcSight. TMWS uses a subset of
predefined extension keys and its own custom extension keys.
TMWS provides two
types of CEF syslog key-value mapping for use as necessary:
-
Syslog content mapping type 1
-
Syslog content mapping type 2
Note
To use this syslog content mapping type, make sure that you have installed the syslog forwarding tool version 3.1.0.2502 or later.