
 

SYSLOG FORMAT


 

GENERAL EVENT LOG FORMAT

  1. The generic format of log statements is as below:
     

    TIMESTAMP|Virsec Security Platform|Virsec|<RELEASE VERSION>|<MESSAGE SPECIFIC NUMBER>|<BRIEF EVENT DESCRIPTION>|<NOTIFICATION SEVERITY>|<DETAILED INFORMATION>

    1. TIMESTAMP - The timestamp when the event occurred, along with the log format (CEF: 1)

    2. Virsec Security Platform - (Constant) Product name

    3. Virsec - Constant

    4. <RELEASE VERSION> - Indicates the VSP release number. Example: 1.3.0

    5. <MESSAGE SPECIFIC NUMBER> - This number is unique to each type of event. More information about the specific codes is provided in Section 3

    6. <BRIEF EVENT DESCRIPTION> - Provides a brief description of the event

    7. <NOTIFICATION SEVERITY> - Provides the notification severity as below

      1. 8 - Critical

      2. 5 - Warning

      3. 2 - Info

    8. <DETAILED INFORMATION> - Provides all the relevant information related to the event

  2. A typical log message is depicted below:

      

    Jul  6 12:24:54 10.16.6.4 CEF: 1|Virsec Security Platform|Virsec|1.3.0|117|CMS User Login Successful|8|src=10.16.6.4 role=Super Admin login_at=06 Jul 2020 04:25:58 PM UTC realm=LOCAL [email protected] msg=User [email protected] succeeded in authentication.
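
A parser for the format described above, as an added example (not Virsec's own code). The sample line is constructed from the message shown above with the redacted address tokens left out, and reading the first field as syslog time, sender address and CEF marker is an assumption based on that message.

```python
import re

# Severity values and constants as listed in the format description above.
SEVERITY = {8: "Critical", 5: "Warning", 2: "Info"}
PRODUCT, VENDOR = "Virsec Security Platform", "Virsec"

# Assumption: the first field is "<syslog time> <sender> CEF: <n>", as in the sample.
HEAD_RE = re.compile(
    r"^(?P<time>\w{3}\s+\d{1,2}\s[\d:]{8})\s+(?P<sender>\S+)\s+CEF:\s*(?P<cef>\d+)$")
# key=value pairs; a value runs until the next " key=" or end of line, so
# values with spaces ("Super Admin") survive. A free-text value that itself
# contains " word=" would be split, so treat parsed msg text as untrusted.
KV_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")


def parse_vsp_event(line):
    """Parse one VSP syslog line into a dict; raise ValueError if malformed."""
    # maxsplit=7 keeps any '|' inside the detail field intact.
    fields = line.strip().split("|", 7)
    if len(fields) != 8:
        raise ValueError("expected 8 pipe-separated fields, got %d" % len(fields))
    head, product, vendor, release, code, desc, sev, detail = fields
    m = HEAD_RE.match(head.strip())
    if not m:
        raise ValueError("unrecognised timestamp/CEF prefix: %r" % head)
    if (product, vendor) != (PRODUCT, VENDOR):
        raise ValueError("not a VSP event: %r / %r" % (product, vendor))
    if not code.isdigit() or not sev.isdigit() or int(sev) not in SEVERITY:
        raise ValueError("bad message number or severity: %r / %r" % (code, sev))
    return {
        "time": m.group("time"), "sender": m.group("sender"),
        "release": release, "message_number": int(code), "description": desc,
        "severity": int(sev), "severity_name": SEVERITY[int(sev)],
        "detail": {k: v.strip() for k, v in KV_RE.findall(detail)},
    }


# Constructed sample, modelled on the message shown above.
SAMPLE = ("Jul  6 12:24:54 10.16.6.4 CEF: 1|Virsec Security Platform|Virsec|1.3.0|117|"
          "CMS User Login Successful|8|src=10.16.6.4 role=Super Admin "
          "login_at=06 Jul 2020 04:25:58 PM UTC realm=LOCAL "
          "msg=User succeeded in authentication.")

if __name__ == "__main__":
    print(parse_vsp_event(SAMPLE))
```

Lines that fail validation raise `ValueError`, so a collector can route them to a reject queue instead of indexing partially parsed events.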

 
