Syslog - Forescout eyeInspect CEF

Device Details

Device Name	eyeInspect
Vendor	Forescout
Device Type	Security
Supported Model Name/Number	N/A
Supported Software Version	5.5.0, 5.5.1
Collection Method	Syslog
Configurable Log Output	CEF
Log Source Type	Syslog - Forescout eyeInspect CEF
Log Processing Policy	LogRhythm Default V 2.0
Exceptions	N/A
Additional Information	https://docs.forescout.com/bundle/eyeinspect-user-guide-v5-5-0/page/gitdoc-eyeinspect/eyeInspect/eyeInspect_User_Guide/alert-forwarding.html

Supported Log Messages

(List of LR tags used to parse the log information for each message type)

Type	Product Version	Supported Schema Fields
Catch-All	N/A	<tag1>, <severity>
EyeInspect Alert Logs	N/A	<version>, <vmid>, <tag1>, <vendorinfo>, <severity>, <smac>, <dmac>, <sip>, <dip>, <sport>, <dport>, <protname>, <bytesin>, <bytesout>, <status>, <seconds>, <parentprocesspath>, <cve>, <subject>

Revision History

KB Version	Log Type	Change Type	Details
KB 7.1.720.0	Syslog - Forescout eyeInspect CEF	New Device Documentation	N/A