Device Details
|
Device Name |
Syslog - Symantec DLP CEF |
|
Vendor |
Symantec |
|
Device Type |
DLP |
|
Supported Model Name/Number |
N/A |
|
Supported Software Version |
N/A |
|
Collection Method |
Syslog |
|
Configurable Log Output |
CEF |
|
Log Source Type |
Syslog - Symantec DLP CEF |
|
Log Processing Policy |
LogRhythm Default V 2.0 |
|
Exceptions |
N/A |
|
Additional Information |
https://techdocs.broadcom.com/content/dam/broadcom/techdocs/symantec-security-software/information-security/data-loss-prevention/generated-pdfs/Symantec_DLP_15.5_Admin_Guide.pdf |
Supported Log Messages
(List of LR tags used to parse the log information for each message type)
|
Type |
Product Version |
Supported Schema Fields |
|---|---|---|
|
V 2.0 : Symantec DLP Events |
N/A |
<vendorinfo>, <process>, <object>, <action>, <dip>, <policy>, <protname>, <url>, <sender>, <recipient>, <subject>, <status>, <severity>, <account>, <sname>, <domainorigin>, <login>, <sip>, <reason>, <object> |
|
V 2.0 : Catch All |
N/A |
<severity>, <tag1> |
Revision History
|
KB Version |
Log Type |
Change Type |
Details |
|
KB 7.1.659.0 |
Syslog - Symantec DLP CEF |
New Log Source Optimization (LSO) policy: LogRhythm Default v2.0 |
Optimized new log processing policy for Syslog - Symantec DLP CEF |