Syslog - Digital Guardian
Device Details
Vendor | Digital Guardian |
---|---|
Device Type | Digital Guardian - Syslog |
Supported Model Name/Number | Event logs for Data Loss Prevention |
Supported Software Version(s) | N/A |
Collection Method | Syslog |
Configurable Log Output? | N/A |
Log Source Type | Syslog - Digital Guardian |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information | |
Prerequisites
To access Syslog - Digital Guardian, you need one of the following web browsers:
- Microsoft Internet Explorer 11 or higher
- Mozilla Firefox
- Apple Safari
- Google Chrome
Device Configuration Checklist
- https://securenetworks.pk/wp-content/uploads/2017/11/Digital-Guardian-Technical-Overview-April-2017.pdf
- https://digitalguardian.com/contracts/Digital_Guardian_7_Service_Specifications.pdf
Currently Supported Log Types
Type | Product Version | Supported Schema Fields |
---|---|---|
DLP Events Message Information | All | <severity>, <version>, <vmid>, <policy>, <vendorinfo>, <dname>, <dip>, <login>, <subject>, <tag1> |
Catch All | All | <severity> |
Parsed Metadata Fields
Product Field Name | LogRhythm Metadata Field | Value/Data Type |
---|---|---|
Alert name | <vendorinfo> | Vendor Info |
Event comment | <subject> | Text/String |
Event id | <vmid> | Vendor Message Id |
Event/Info | <severity> | Severity |
Impacted Hostname | <dname> | HostName |
IP | <dip> | Destination IP |
Policy | <policy> | Policy |
Product Version | <version> | Version |
User | <login> | Login |