Syslog - Trend Micro Deep Security LEEF

Device Details

Vendor | Trend Micro |
---|---|
Device Type | LEEF |
Supported Model Name/Number | N/A |
Supported Software Version(s) | All |
Collection Method | Syslog |
Configurable Log Output? | Yes |
Log Source Type | Syslog - Trend Micro Deep Security |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information | https://help.deepsecurity.trendmicro.com/trust-center.html http://docs.trendmicro.com/all/ent/ddan/v5.5/en-us/ddan_5.5_sg.pdf |

Currently Supported Log Types

Type | Product Version | Supported Schema Fields |
---|---|---|
Email Traffic Inspector | All | Severity, Event Message, Host, Quantity, Event ID, Object |
LEEF Server Message | All | User Name, Module Name, Operation, Resource, Status |

Parsed Metadata Fields

Product Field Name | LogRhythm Metadata Field | Value/Data Type |
---|---|---|
N/A | <severity> | Text/String |
N/A | <dname> | Text/String |
N/A | <process> | Text/String |
N/A | <processid> | Numeric |
N/A | <object> | Text/String |
N/A | <vendorinfo> | Text/String |
N/A | <parentprocessname> | Text/String |
N/A | <parentprocessid> | Numeric |
N/A | <command> | Text/String |
N/A | <result> | Text/String |
N/A | <login> | Text/String |
N/A | <action> | Text/String |
N/A | <size> | Numeric |
N/A | <sip> | IP Address |
N/A | <sport> | Numeric |
N/A | <dip> | IP Address |
N/A | <dport> | Numeric |
N/A | <packetsin> | Numeric |
N/A | <packetsout> | Numeric |
N/A | <bytesin> | Numeric |
N/A | <bytesout> | Numeric |