
Syslog - enSilo NGAV (FortiEDR)

Device Details

Vendor

Fortinet (enSilo)

Device Type

Next Generation Anti Virus

Supported Model Name/Number

Endpoint Security Product

Supported Software Version(s)

N/A

Collection Method

Syslog

Configurable Log Output?

N/A

Log Source Type

Syslog - enSilo NGAV

Log Processing Policy

LogRhythm Default

Exceptions

N/A

Additional Information

https://www.ensilo.com
https://www.fortinet.com/content/dam/fortinet/assets/legal/external-faq-ensilo.pdf
https://www.ensilo.com/news-items/ensilo-adds-ngav-support-remove-redundant-security-remediation-expenditures/
https://www.fortinet.com/products/fortinet-acquires-ensilo.html

Currently Supported Log Types

Type | Product Version | Supported Schema Fields
System And Security Process Messages | All | <severity>, <vmid>, <dname>, <status>, <useragent>, <process>, <parentprocesspath>, <objecttype>, <objectname>, <dip>, <subject>, <action>, <seconds>, <vendorinfo>, <threatname>, <login>, <dmac>, <sname>
General Information Messages | All | <severity>, <vmid>, <dname>, <status>, <objectname>, <subject>, <login>
Catch All | All | <severity>


Parsed Metadata Fields

Device Field Name | LogRhythm Metadata Field | Value/Data Type
Action | Action | Text/String
Autonomous System | SName | Text/String
Classification / Component Name | ObjectName | Text/String
Count | Seconds | Number
Destination | DIP | IP Address
Destination / Description | Subject | Text/String
Device Name / device | DName | Text/String
Device State | Status | Text/String
Event ID / Event | VMID | Number
MAC Address | DMAC | MAC Address
Operating System | UserAgent | Text/String
Process Name | Process | Text/String
Process Path | ParentProcessPath | Text/String
Process Type | ObjectType | Text/String
Rules List | Policy | Text/String
severity | Severity | Text/String
Users | Login | Text/String
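The two tables above describe a mapping (device field to LogRhythm metadata field and data type) and three schemas that decide which log type a message falls under. The following Python is an added example, not LogRhythm MPE rule content and not enSilo/FortiEDR code: it transcribes both tables, applies the data types (integer, IP address, MAC address normalisation), and picks the narrowest log type whose schema covers the fields actually parsed. Everything about the message layout is assumed: the page does not show the vendor's syslog format, so the sample lines use a constructed "Key: value; Key: value" body, and the rule that a "Destination" holding an IP literal goes to DIP while anything else goes to Subject is this example's resolution of the page listing "Destination" under both. Note that "Rules List" maps to Policy in the field table but Policy appears in none of the schema field lists; classify() surfaces such fields rather than silently dropping them.

```python
import ipaddress
import re

# Device field -> (LogRhythm metadata field, value/data type), transcribed from
# the Parsed Metadata Fields table above.
FIELD_MAP = {
    "Action": ("Action", "Text/String"),
    "Autonomous System": ("SName", "Text/String"),
    "Classification": ("ObjectName", "Text/String"),
    "Component Name": ("ObjectName", "Text/String"),
    "Count": ("Seconds", "Number"),
    "Destination": ("DIP", "IP Address"),   # page also lists it under Subject
    "Description": ("Subject", "Text/String"),
    "Device Name": ("DName", "Text/String"),
    "device": ("DName", "Text/String"),
    "Device State": ("Status", "Text/String"),
    "Event ID": ("VMID", "Number"),
    "Event": ("VMID", "Number"),
    "MAC Address": ("DMAC", "MAC Address"),
    "Operating System": ("UserAgent", "Text/String"),
    "Process Name": ("Process", "Text/String"),
    "Process Path": ("ParentProcessPath", "Text/String"),
    "Process Type": ("ObjectType", "Text/String"),
    "Rules List": ("Policy", "Text/String"),
    "severity": ("Severity", "Text/String"),
    "Users": ("Login", "Text/String"),
}

# Supported schema fields per log type, from the Currently Supported Log Types table.
SCHEMAS = {
    "System And Security Process Messages": {
        "severity", "vmid", "dname", "status", "useragent", "process",
        "parentprocesspath", "objecttype", "objectname", "dip", "subject",
        "action", "seconds", "vendorinfo", "threatname", "login", "dmac", "sname"},
    "General Information Messages": {
        "severity", "vmid", "dname", "status", "objectname", "subject", "login"},
    "Catch All": {"severity"},
}

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")
# <PRI>Mon dd hh:mm:ss host tag: message  (RFC 3164-style header; assumed layout)
HEADER_RE = re.compile(r"^<(\d{1,3})>(\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) (\S+) (\S+?):\s*(.*)$")


def coerce(dtype, raw):
    """Convert a raw string to the type implied by the table's Value/Data Type column."""
    raw = raw.strip()
    if dtype == "Number":
        return int(raw)
    if dtype == "IP Address":
        return ipaddress.ip_address(raw)
    if dtype == "MAC Address":
        if not MAC_RE.match(raw):
            raise ValueError(f"not a MAC address: {raw!r}")
        return raw.replace("-", ":").lower()   # normalise to aa:bb:cc:dd:ee:ff
    return raw


def parse_line(line):
    """Parse one syslog line into {LogRhythm field: typed value}.
    The 'Key: value; Key: value' body is an assumption of this example."""
    m = HEADER_RE.match(line)
    if not m:
        raise ValueError("not a syslog line")
    record = {}
    for pair in m.group(5).split("; "):
        key, sep, value = pair.partition(": ")   # first ': ' only; paths keep 'C:\'
        if not sep or key not in FIELD_MAP:
            continue   # device field the table does not map: nowhere to place it
        lr_field, dtype = FIELD_MAP[key]
        if key == "Destination":
            # Assumption: an IP literal goes to DIP, anything else to Subject.
            try:
                record["DIP"] = ipaddress.ip_address(value.strip())
            except ValueError:
                record["Subject"] = value.strip()
            continue
        record[lr_field] = coerce(dtype, value)
    return record


def classify(record):
    """Return (log type, fields outside every schema). Picks the narrowest type
    whose schema covers all parsed fields; if none does, falls back to Catch All."""
    present = {f.lower() for f in record}
    for log_type in ("General Information Messages", "System And Security Process Messages"):
        if present <= SCHEMAS[log_type]:
            return log_type, []
    return "Catch All", sorted(present - SCHEMAS["System And Security Process Messages"])


# Constructed sample lines for this example; not real enSilo/FortiEDR output.
SAMPLE_BLOCK = (r"<14>Mar  3 10:15:22 ensilo-core enSilo: Event ID: 4711; Device Name: WS-FIN-07; "
                r"Device State: Running; Operating System: Windows 10 Pro; Process Name: winword.exe; "
                r"Process Path: C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE; "
                r"Process Type: Application; Classification: Suspicious; Destination: 203.0.113.17; "
                r"Action: Block; Count: 3; MAC Address: 00-1A-2B-3C-4D-5E; Users: CORP\jdoe; severity: Critical")
SAMPLE_INFO = (r"<14>Mar  3 10:16:05 ensilo-core enSilo: Event: 1002; device: WS-FIN-07; "
               r"Device State: Running; Description: Collector configuration updated; Users: SYSTEM; severity: Info")
SAMPLE_POLICY = (r"<14>Mar  3 10:17:40 ensilo-core enSilo: Event ID: 4712; Device Name: WS-FIN-07; "
                 r"Rules List: Exfiltration Prevention; severity: High")

if __name__ == "__main__":
    for line in (SAMPLE_BLOCK, SAMPLE_INFO, SAMPLE_POLICY):
        rec = parse_line(line)
        print(classify(rec), rec)
```

Running the block prints each sample's log type and typed record; the third sample lands in Catch All with "policy" reported as unsupported, which is the practical consequence of the Rules List row having no counterpart in the schema lists.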