Views:
CEF Key
Description
Example
Header (Device Event Class ID)
Unique identifier per event-type
  • 900003
Header (Device Product)
Product of sending device
  • Trend Vision One
Header (Device Vendor)
Product vendor
  • Trend Micro
Header (Device Version)
Service version
  • 1.0.0
Header (Name)
Category of the event
  • Trend Vision One Account Audit Log
Header (Severity)
Importance of the event
  • 2: Info
Header (Version)
CEF format version
  • CEF:0
cat
category
  • Sign in and sign out
cs1
Account
  • Root account
cs1Label
Corresponding label for the cs1 field
  • Account
cs2
Role
  • Master Administrator
cs2Label
Corresponding label for the cs2 field
  • Role
cs3
Activity
  • Sign in
cs3Label
Corresponding label for the cs3 field
  • Activity
cn1
Result
  • 1
Note
Note
Possible values include:
  • 1: Success
  • 0: Fail
cn1Label
Corresponding label for the cn1 field
  • Result
cn2
Source
  • 0
Note
Note
Possible values include:
  • 0: Console
  • 1: API
  • 6: Service Gateway
cn2Label
Corresponding label for the cn2 field
  • Source
msg
Details
  • {"IP address": "10.1.1.1", "Identifier": {"id":"0e9b00aa-6ee4-4f83-9e42-dd83e19a5e60","type":"managedAccount","name":"Root Account","email":"admin@example.com","subType":"local"}}
Note
Note
Message is in JSON format, and is truncated if exceeding the maximum length of 1000 characters.
rt
Logged time
  • 2024-09-23T17:18:42Z
TrendMicroV1CompanyID
Company ID
  • 68960c94-9be6-4343-a4ca-6408de7aa331