Syslog - Cisco Secure Email

Device Details

Device Name	Syslog - Cisco Secure Email
Vendor	Cisco
Device Type	Secure Email
Supported Model Name/Number	N/A
Supported Software Version(s)	N/A
Collection Method	Syslog
Configurable Log Output?	N/A
Log Source Type	Syslog - Cisco Secure Email
Log Processing Policy	LogRhythm Default V 2.0
Exceptions	N/A
Additional Information	https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-0/user_guide/b_ESA_Admin_Guide_14-0/b_ESA_Admin_Guide_12_1_chapter_0100111.html https://docs.ces.cisco.com/docs/single-log-line-sll

Supported Log Messages

(List of LR tags used to parse the log information for each message type)

Type	Product Version	Supported Schema Fields
Cisco Secure Email Events	N/A	<vendorinfo>, <version>, <vmid>, <severity>, <serialnumber>, <policy>, <sname>, <action>, <tag1>, <dname>, <domainimpacted>, <dip>, <sender>, <threatname>, <domainorigin>, <group>, <sip>, <subject>, <result>, <status>, <protname>
Catch All : Level 1	N/A	<tag1>, <severity>

Revision History

KB Version	Log Type	Change Type	Details
KB 7.1.659.0	Syslog - Cisco Secure Email	New Device Documentation	N/A