App Control: What are the supported Syslog Formats?

App Control: What are the supported Syslog Formats?

search cancel

App Control: What are the supported Syslog Formats?

book

Article ID: 286438

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

What are the supported log formats for syslogging?

Environment

App Control Server: All Supported Versions

Resolution

The supported formats are:

Basic (RFC3164) – the default for upgrades from some previous releases
Enhanced (RFC5424) – a newer standard; the default for new installations
CEF (HP ArcSight) – the format to use to integrate App Control event logs withHP ArcSight ESM or HP ArcSight Logger
LEEF (IBM Q1 Labs) – the format to user to integrate App Control event logs with IBM Security QRadar Log Manager or IBM Security QRadar SIEM

Additional Information

Ensure the syslog application supports these formats and are configured correctly
Not all Syslog applications support these log formats
See the Events Guide on VMware Docs > Server Documentation for more details.

Feedback

thumb_up Yes

thumb_down No