This document explains the changes required to apply new Message Processing Engine (MPE) rules developed during the Log Source Optimization (LSO) project for the Syslog - Tanium log source type.
The following table lists the log message types supported in the current MPE rules. Each page contains detailed information on parsing changes and new log processing settings.

| Log Message Type | Event Type |
| --- | --- |
| Application Server Logs (Part 1) | Application Operation |
| Application Server Logs (Part 2) | Application Operation |
| Application Server Logs (Part 3) | Application Operation |
| Application Server Logs (Part 4) | Application Operation |
| Application Server Logs (Part 5) | Application Operation |
| Application Server Logs (Part 6) | Application Operation |
| Application Server Logs (Part 7) | Application Operation |
| Application Server Logs (Part 8) | Application Operation |
| Application Server Logs (Part 9) | Application Operation |
| Application Server Logs (Part 10) | Application Operation |
| Application Server Logs (Part 11) | Application Operation |
| Application Server Logs (Part 12) | Application Operation |
| Audit Logs | General Audit Message |
| Catch All Level 1 | General Operations Event |
| Tanium Application Server Information | General Server Information |

Log Processing Policy Updates
This section details log processing policy updates made to AIE Rules, system reports, system investigations, system report templates, and system tails as part of LSO.