cef0.cybereason
- Juan Tomás Alonso Nieto (Deactivated)
May 08, 2023
1 min read
Loading data...
[ 1 Introduction ] [ 2 Tag structure ] [ 3 How is the data sent to Devo? ]
Introduction
The tables cef0.cybereason.* identify events in CEF format generated by Cybereason services.
Tag structure
Events in CEF format don't have a specific tag structure, as explained in Technologies supported in CEF syslog format. They are always sent to a table with the structure cef0.deviceVendor.deviceProduct.
In this case, the valid data tables are:
Tag | Data table |
|---|---|
cef0.cybereason.failedLogin | cef0.cybereason.failedLogin |
cef0.cybereason.sensorHealth | cef0.cybereason.sensorHealth |
cef0.cybereason.malop | cef0.cybereason.malop |
cef0.cybereason.malware | cef0.cybereason.malware |
cef0.cybereason.sensorAction | cef0.cybereason.sensorAction |
How is the data sent to Devo?
Learn more about CEF syslog format and how Devo tags these events in Technologies supported in CEF syslog format.
Â