Device Details
|
Device Name |
Syslog - FireEye MPS |
|
Vendor |
FireEye MPS |
|
Device Type |
FireEye MPS |
|
Supported Model Name/Number |
N/A |
|
Supported Software Version |
N/A |
|
Collection Method |
Syslog |
|
Configurable Log Output |
CEF |
|
Log Source Type |
Syslog - FireEye MPS |
|
Log Processing Policy |
LogRhythm Default V 2.0 |
|
Exceptions |
N/A |
|
Additional Information |
https://docs.logrhythm.com/docs/devices/syslog-log-sources/syslog-fireeye-ex https://docs.trellix.com/bundle/hx_5.3.0_ug/page/UUID-f8412658-d198-7c0d-ed0b-619a245c3e7c.html |
Supported Log Messages
(List of LR tags used to parse the log information for each message type)
|
Type |
Product Version |
Supported Schema Fields |
|---|---|---|
|
V 2.0: FireEye MPS Events |
N/A |
<tag1>, <vendorinfo>, <process>, <severity>, <sip>, <sname>, <protname>, <dname>, <dip>, <sport>, <smac>, <dport>, <url>, <dmac>, <subject> |
Revision History
|
KB Version |
Log Type |
Change Type |
Details |
|---|---|---|---|
|
KB 7.1.657.0 |
Syslog - FireEye MPS |
New Log Source Optimization (LSO) policy: LogRhythm Default v2.0 |
Optimized new log processing policy for Syslog - FireEye Web MPS/CMS/ETP/HX. |