Breadcrumbs

Syslog - Vectra Networks

Device Details

Vendor

Vectra Networks

Device Type

Network Security

Supported Model Name/Number

Vectra Networks

Supported Software Version(s)

4.6

Collection Method

Syslog

Configurable Log Output?

No

Log Source Type

Syslog – Vectra Networks

Log Processing Policy

LogRhythm Default

Exceptions

N/A

Additional Information

https://www.vectra.ai/

Currently Supported Log Types

Type

Product Version

Supported Schema Fields

Detect Message

4.6

<subject>, <threatname>, <sname>, <sip>, <vmid>, <url>, <dip>, <domainimpacted>, <dport>, <protname>, <bytesout>, <bytesin>

Host Scoring Message

4.6

<subject>, <sname>, <sip>, <vmid>, <url>

Audit Message

4.6

<version>, <login>, <subject>, <sip>, <objecttype>, <action>

Campaign Message

4.6

<vmid>, <action>, <reason>, <sname>, <sip>, <url>, <dname>, <dip>

Catch All

4.6

<subject>

 Parsed Metadata Fields

Field Name

LogRhythm Metadata Field

Value/Data Type

action

<action>

Text/String

bytesrcvd

<bytesin>

Numeric

bytessent

<bytesout>

Numeric

category

<subject>

Text/String

currentip

<sip>

IP Address

destinationdomain

<domainimpacted>

Text/String

destinationIP

<dip>

IP Address

destinationport

<dport>

Numeric

hostname

<sname>

Text/String

proto

<protname>

Text/String

threat

<vmid>

Numeric

type

<threatname>

Text/String

type

<objecttype>

Text/String

url

<url>

Text/String