Syslog - Symantec DLP CEF
Device Details
| Device Name | Syslog - Symantec DLP CEF |
| Vendor | Symantec |
| Device Type | DLP |
| Supported Model Name/Number | N/A |
| Supported Software Version | N/A |
| Collection Method | Syslog |
| Configurable Log Output | CEF |
| Log Source Type | Syslog - Symantec DLP CEF |
| Log Processing Policy | LogRhythm Default V 2.0 |
| Exceptions | N/A |
| Additional Information | https://techdocs.broadcom.com/content/dam/broadcom/techdocs/symantec-security-software/information-security/data-loss-prevention/generated-pdfs/Symantec_DLP_15.5_Admin_Guide.pdf |
Supported Log Messages
(List of LR tags used to parse the log information for each message type)
Type | Product Version | Supported Schema Fields |
|---|---|---|
| V 2.0 : Symantec DLP Events | N/A | <vendorinfo>, <process>, <object>, <action>, <dip>, <policy>, <protname>, <url>, <sender>, <recipient>, <subject>, <status>, <severity>, <account>, <sname>, <domainorigin>, <login>, <sip>, <reason>, <object> |
| V 2.0 : Catch All | N/A | <severity>, <tag1> |
Revision History
| KB Version | Log Type | Change Type | Details |
| KB 7.1.659.0 | Syslog - Symantec DLP CEF | New Log Source Optimization (LSO) policy: LogRhythm Default v2.0 | Optimized new log processing policy for Syslog - Symantec DLP CEF |