Syslog - Vectra Networks

Device Details

Vendor | Vectra Networks |
---|---|
Device Type | Network Security |
Supported Model Name/Number | Vectra Networks |
Supported Software Version(s) | 4.6 |
Collection Method | Syslog |
Configurable Log Output? | No |
Log Source Type | Syslog – Vectra Networks |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information | |

Currently Supported Log Types

Type | Product Version | Supported Schema Fields |
---|---|---|
Detect Message | 4.6 | <subject>, <threatname>, <sname>, <sip>, <vmid>, <url>, <dip>, <domainimpacted>, <dport>, <protname>, <bytesout>, <bytesin> |
Host Scoring Message | 4.6 | <subject>, <sname>, <sip>, <vmid>, <url> |
Audit Message | 4.6 | <version>, <login>, <subject>, <sip>, <objecttype>, <action> |
Campaign Message | 4.6 | <vmid>, <action>, <reason>, <sname>, <sip>, <url>, <dname>, <dip> |
Catch All | 4.6 | <subject> |

Parsed Metadata Fields

Field Name | LogRhythm Metadata Field | Value/Data Type |
---|---|---|
action | <action> | Text/String |
bytesrcvd | <bytesin> | Numeric |
bytessent | <bytesout> | Numeric |
category | <subject> | Text/String |
currentip | <sip> | IP Address |
destinationdomain | <domainimpacted> | Text/String |
destinationIP | <dip> | IP Address |
destinationport | <dport> | Numeric |
hostname | <sname> | Text/String |
proto | <protname> | Text/String |
threat | <vmid> | Numeric |
type | <threatname> | Text/String |
type | <objecttype> | Text/String |
url | <url> | Text/String |