Skip to main content
Skip table of contents

System Log Messages (Deep Discovery Email Inspector)

Vendor Documentation

https://docs.trendmicro.com/o-help/ent/ddei/5.1/en-us/ddei_5.1_ag.pdf

Classification

Rule Name

Rule Type

Common Event

Classification

System Log Messages

Base Rule

General Info Log Message

Information

System Event Logs

Sub Rule

General System

Information

Product Update Logs

Sub Rule

Agent Updated

Information

Mapping with LogRhythm Schema

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

Header (logVer)

N/A

N/A

CEF format version.

Header (vendor)

N/A

N/A

Appliance vendor.

Header (pname)

N/A

N/A

Appliance product.

Header (pver

<version>

Text/String

Appliance version.

Header (eventid)

<vmid>

Number

Signature ID

  • 300102 (PRODUCT_UPDATE)

  • 300999 (SYSTEM_EVENT)

Header (eventName)

<vendorinfo>

<tag1>

Text/String

Description

  • PRODUCT_UPDATE (300102)

  • SYSTEM_EVENT (300999)

Header (severity)

<severity>

Number

Severity

  • 2: Unavailable

  • 4: Low

  • 6: Medium

  • 8: High

rt

N/A

N/A

Log generation time.

dvcmac

<dmac>

Text/String

Appliance MAC address.

cn3Label

N/A

N/A

N/A

cn3

N/A

N/A

N/A

msg

<subject>

Text/String

Event description.

deviceExternalId

N/A

N/A

Appliance GUID.

dvchost

<dname>

Text/String

Appliance host name.

dvc

<dip>

IP Address

Appliance IP address.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close