To enable flexible integration with third-party log management systems, TMWS supports Common Event Format
(CEF) as the syslog message format.
Common Event Format (CEF) is an open log management standard created by HP
ArcSight. TMWS uses a subset of
predefined extension keys and its own custom extension keys.
TMWS provides two types of CEF
syslog key-value mapping for use as necessary:
-
Syslog content mapping type 1
-
Syslog content mapping type 2
Note
To use this syslog content mapping type, make sure that you have upgraded your on-premises gateway to version 3.1.0.2502 or later.