Expanding the system events description when forwarding to the syslog server

- Updated:
- 13 Apr 2020
- Product/Version:
- Deep Security 10.0
- Deep Security 11.0
- Deep Security 12.0
- Deep Security 9.6
- Platform:
- N/A

Summary

Deep Security Manager (DSM) has been configured to send events to the syslog server. However, a particular event may show "Description Omitted", instead of the event description.

By default, Deep Security Manager omits the description of system events being sent to a syslog server if the entry is too long. Below is a sample screenshot of a system event from the Deep Security Manager console.

System event full description

On the syslog server, "msg=Description Omitted" is displayed instead of showing the full description.

Details

To display the full system event description:

This procedure is also applicable for Deep Security Manager installed on Linux server with default installation directory located in /opt/dsm.

Open the command prompt and change the directory to the Deep Security Manager installation path.
Run the command below to check the current value of the switch settings.configuration.systemEventNotificationsExtendedDescription.
```
dsm_c -action viewsetting -name settings.configuration.systemEventNotificationsExtendedDescriptions
```

Change the value of settings.configuration.systemEventNotificationsExtendedDescriptions to "true".

dsm_c -action changesetting - name settings.configuration.systemEventNotificationsExtendedDescriptions -value true

Execute the following to confirm that the new value has been applied.
```
dsm_c -action viewsetting -name settings.configuration.systemEventNotificationsExtendedDescriptions
```
The syslog entry should now display the full description of the system event.

If you have deployed a multi-tenant Deep Security setup, go to Tenant Properties > Features and enable Extended Description for Events Forwarding.

Rating:

Category:

Troubleshoot

Solution Id:

1122852

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

Need More Help?

Expanding the system events description when forwarding to the syslog server