Views:

Below is the list of fields on the DLP logs that are sent to the syslog server of TMCM:

  • CM UI="Host Name" CEFKey="cs3"
  • CM UI="Managing Server" CEFKey="dvchost"
  • CM UI="Product Entity GUID" CEFKey="cs1"
  • CM UI="Policy" CEFKey="cs2"
  • CM UI="Product" CEFKey="cn1"
  • CM UI="Generated" CEFKey="rt"
  • CM UI="Product/Endpoint IP" CEFKey="src"
  • CM UI="Product/Endpoint MAC" CEFKey="smac"
  • CM UI="Endpoint" CEFKey="shost"
  • CM UI="Incident Source (AD Account)" CEFKey="cs4"
  • CM UI="Incident Source (Sender)" CEFKey="suser"
  • CM UI="WebSite" CEFKey="request"
  • CM UI="Recipient" CEFKey="duser"
  • CM UI="Subject" CEFKey="msg"
  • CM UI="Fileocation" CEFKey="filePath"
  • CM UI="File" CEFKey="fname"
  • CM UI="Rule" CEFKey="cs5"
  • CM UI="Template" CEFKey="cs6"
  • CM UI="Channel" CEFKey="cn3"
  • CM UI="Action" CEFKey="cn2"
  • CM UI="ProductName" CEFKey="deviceFacility"
Keywords: DLP log fields,missing log fields on syslog server,DLP log field list,info on DLP log fields,incomplete DLP log fields on syslog server