Syslog - Cylance CEF

Device Details

Vendor | Cylance |
---|---|
Device Type | Cloud (System and Application) |
Supported Model Name/Number | Dell |
Supported Software Version(s) | N/A |
Collection Method | Syslog |
Configurable Log Output? | No |
Log Source Type | Syslog - Cylance CEF |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information | N/A |

Currently Supported Log Types

Type | ProductVersion | Supported Schema Fields |
---|---|---|
CylanceCEF Audit Messages | All | <severity>, <object>, <sip>, <objectname>, <sname>, <reason>, <parentprocesspath>, <status>, <vendorinfo>, <objectname> |

Parsed Metadata Fields

Product Field Name | LogRhythm Metadata Field | Value/Data Type |
---|---|---|
DellDdsPayloadMessage | <vendorinfo> | Info |
DellDdsPayloadPath | <parentprocesspath> | Path |
DeviceExternalId | <objectname> | String |
DeviceName | <object> | String |
Info | <severity> | Severity Type |
Reason | <reason> | String |
Source IP | <sip> | Sip |
SourceHostName | <sname> | String |
Status | <status> | Not Protected |