Syslog - BluVector
Device Details
Vendor | BluVector |
---|---|
Device Type | NETWORK INFRASTRUCTURE (SYSTEM AND APPLICATION) |
Supported Model Name/Number | N/A |
Supported Software Version(s) | N/A |
Collection Method | Syslog |
Configurable Log Output? | N/A |
Log Source Type | Syslog - BluVector |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information |
Currently Supported Log Types
Type | Product Version | Supported Schema Fields |
---|---|---|
Threat Information Message | N/A | <account>, <dip>, <dport>, <hash>, <object>, <objecttype>, <protname>, <quantity>, <session>, <sip>, <sport>, <sname>, <threatname>, <useragent> |
Catch ALL : Level 1 | N/A | <action>, <dip>, <dport>, <protname>, <quantity>, <sip>, <sport>, <sname> |
Parsed Metadata Fields
Field Name | LogRhythm Metadata Field | Value/Data Type |
---|---|---|
app | <action> | Text/String |
clamav | <threatname> | Text/String |
dest | <dip> | IP Address |
dest_port | <dport> | Numeric |
fname | <object> | Text/String |
ftype | <objecttype> | Text/String |
headers_user-agent | <useragent> | Text/String |
hostname | <sname> | Text/String |
score | <quantity> | Text/String |
session_id | <session> | Text/String |
sha256 | <hash> | Text/String |
src | <sip> | IP Address |
src_port | <sport> | Numeric |
transport | <protname> | Text/String |
user | <account> | Text/String |