Deep Security Manager (DSM) has been configured to send events to the syslog server. However, a particular event may show "Description Omitted", instead of the event description.
By default, Deep Security Manager omits the description of system events being sent to a syslog server if the entry is too long. Below is a sample screenshot of a system event from the Deep Security Manager console.
On the syslog server, "msg=Description Omitted" is displayed instead of showing the full description.
To display the full system event description:
- Open the command prompt and change the directory to the Deep Security Manager installation path.
- Run the command below to check the current value of the switch settings.configuration.systemEventNotificationsExtendedDescription.
dsm_c -action viewsetting -name settings.configuration.systemEventNotificationsExtendedDescriptions
- Change the value of settings.configuration.systemEventNotificationsExtendedDescriptions to "true".
dsm_c -action changesetting - name settings.configuration.systemEventNotificationsExtendedDescriptions -value true
- Execute the following to confirm that the new value has been applied.
dsm_c -action viewsetting -name settings.configuration.systemEventNotificationsExtendedDescriptions
The syslog entry should now display the full description of the system event.
If you have deployed a multi-tenant Deep Security setup, go to Tenant Properties > Features and enable Extended Description for Events Forwarding.