Document toolboxDocument toolbox

cef0.barracudanetworks

Owned by Juan Tomás Alonso Nieto (Deactivated)
Last updated: Sept 27, 2023
1 min read
[ 1 Introduction ] [ 2 Tag structure ] [ 3 How is the data sent to Devo? ]

Introduction

The tables beginning with cef0.barracudanetworks identify events in CEF format generated by Barracuda Networks.

Tag structure

Events in CEF format don't have a specific tag structure, as explained in Technologies supported in CEF syslog format. They are always sent to a table with the structure cef0.deviceVendor.deviceProduct.

In this case, the valid data tables are:

Tags

Data tables

Tags

Data tables

cef0.barracudaNetworks.emailSecurityGateway

cef0.barracudaNetworks.emailSecurityGateway

cef0.barracudanetworks.waas

cef0.barracudanetworks.waas

How is the data sent to Devo?

Learn more about CEF syslog format and how Devo tags these events in Technologies supported in CEF syslog format.

cef0.barracudaNetworks.emailSecurityGateway

Field

Type

Source field name

Extra fields

Field

Type

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

priorityCode

str

 

 

cefTag

str

 

 

cefVersion

str

 

 

embDeviceVendor

str

 

 

embDeviceProduct

str

 

 

deviceVersion

str

 

 

signatureID

str

 

 

name

str

 

 

severity

str

 

 

_cefVer

str

 

 

dvc

ip4

 

 

cs3Label

str

 

 

deviceProcessName

str

 

 

msg

str

 

 

reason

str

 

 

cs4Label

str

 

 

cs1

str

 

 

ExternalId

str

 

 

cs6

str

 

 

rt

timestamp

 

 

cs4

str

 

 

end

timestamp

 

 

out

int8

 

 

cs2Label

str

 

 

cs5Label

str

 

 

shost

str

 

 

duser

str

 

 

suser

str

 

 

src

ip4

 

 

act

str

 

 

cs5

str

 

 

in

int8

 

 

cs6Label

str

 

 

sourceServiceName

str

 

 

start

timestamp

 

 

cs1Label

str

 

 

categoryDeviceGroup

str

 

 

dtz

str

 

 

sourceZoneID

str

 

 

slong

str

 

 

deviceZoneID

str

 

 

categoryObject

str

 

 

eventAnnotationAuditTrail

str

 

 

eventAnnotationVersion

str

 

 

eventAnnotationModificationTime

str

 

 

art

str

 

 

categorySignificance

str

 

 

eventId

str

 

 

originalAgentAddress

str

 

 

at

str

 

 

mrt

str

 

 

customerURI

str

 

 

originalAgentZoneURI

str

 

 

sourceZoneURI

str

 

 

assetCriticality

str

 

 

eventAnnotationFlags

str

 

 

agt

str

 

 

categoryBehavior

str

 

 

sourceGeoCountryCode

str

 

 

modelConfidence

str

 

 

aid

str

 

 

amac

str

 

 

slat

str

 

 

Severity

str

 

 

relevance

str

 

 

av

str

 

 

eventAnnotationStageUpdateTime

str

 

 

categoryOutcome

str

 

 

locality

str

 

 

ahost

str

 

 

originalAgentVersion

str

 

 

customerID

str

 

 

atz

str

 

 

originalAgentMacAddress

str

 

 

originalAgentType

str

 

 

flexString1

str

 

 

originalAgentId

str

 

 

eventAnnotationManagerReceiptTime

str

 

 

originalAgentHostName

str

 

 

priority

str

 

 

deviceZoneURI

str

 

 

eventAnnotationEndTime

str

 

 

hostchain

str

 

✓

tag

str

cefTag

✓

rawMessage

str

 

 

cef0.barracudanetworks.waas

Field

Type

Source field name

Extra fields

Field

Type

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

priorityCode

str

 

 

cefTag

str

 

 

cefVersion

str

 

 

embDeviceVendor

str

 

 

embDeviceProduct

str

 

 

deviceVersion

str

 

 

signatureID

str

 

 

name

str

 

 

severity

str

 

 

_cefVer

str

 

 

app

str

 

 

dst

ip4

 

 

dpt

int4

 

 

in

int8

 

 

out

int8

 

 

requestMethod

str

 

 

request

str

 

 

rt

timestamp

 

 

src

ip4

 

 

spt

int4

 

 

host

str

 

 

httpStatus

str

 

 

httpVersion

str

 

 

logType

str

 

 

query

str

 

 

referer

str

 

 

serverTime

str

 

 

timeTaken

str

 

 

userAgent

str

 

 

hostchain

str

 

✓

tag

str

cefTag

✓

rawMessage

str

 

✓