
Syslog - Trend Micro Deep Discovery Email Inspector CEF

Device Details

| Attribute | Value |
| --- | --- |
| Device Name | Deep Discovery Email Inspector |
| Vendor | Trend Micro |
| Device Type | Deep Discovery Email Inspector |
| Supported Model Name/Number | N/A |
| Supported Software Version | N/A |
| Collection Method | Syslog |
| Configurable Log Output | CEF |
| Log Source Type | Syslog - Trend Micro Deep Discovery Email Inspector CEF |
| Log Processing Policy | LogRhythm Default V 2.0 |
| Exceptions | N/A |
| Additional Information | https://docs.trendmicro.com/o-help/ent/ddei/5.1/en-us/ddei_5.1_ag.pdf |

Supported Log Messages

(List of LR tags used to parse the log information for each message type)

| Type | Product Version | Supported Schema Fields |
| --- | --- | --- |
| Attachment Detection Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <object>, <objecttype>, <size>, <hash>, <dip>, <dmac>, <dname> |
| Alert Event Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <threatname>, <quantity>, <subject>, <dmac>, <dname>, <dip> |
| Catch All : Level 1 | N/A | <severity>, <tag1> |
| Catch All : Level 2 | N/A | <version>, <vmid>, <vendorinfo>, <severity> |
| CTP Detection Log Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <sender>, <url>, <login>, <dname>, <dip>, <recipient>, <subject>, <session>, <action>, <dmac> |
| Deny List Transaction Events Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <dip>, <dname>, <dmac>, <object>, <action>, <hash>, <url> |
| Email Detection Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <dip>, <dmac>, <dname>, <sender>, <sip>, <recipient>, <subject>, <size>, <threatname>, <action> |
| File Analysis Events Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <dip>, <dname>, <dmac>, <object>, <hash>, <objecttype>, <size>, <result>, <threatname> |
| Message Tracking Log Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <dip>, <dmac>, <dname>, <object>, <recipient>, <reason>, <action>, <sender>, <subject> |
| Notable Characteristics Event Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <dip>, <dname>, <dmac>, <object>, <hash>, <objecttype>, <size>, <group>, <subject>, <policy> |
| Sender Filtering/Authentication Log Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <dip>, <dmac>, <dname>, <sender>, <recipient>, <sessiontype>, <action>, <result>, <reason> |
| System Log Messages | N/A | <version>, <vmid>, <vendorinfo>, <tag1>, <severity>, <dmac>, <subject>, <dname>, <dip> |
| URL Analysis Events Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <dip>, <dname>, <dmac>, <url>, <hash> |
| URL Detection Messages | N/A | <version>, <vmid>, <vendorinfo>, <severity>, <url>, <dip>, <dmac>, <dname> |

Revision History

| KB Version | Log Type | Change Type | Details |
| --- | --- | --- | --- |
| KB 7.1.741.0 | Syslog - Trend Micro Deep Discovery Email Inspector CEF | New Device Documentation | N/A |
