- CEF: Uses the standard Common Event Format (CEF) for log messages and sets the syslog Facility code to "Local0" and the Severity code to "Notice"
- Apex Central format: Sets the syslog Facility code to "Local0" and the Severity code to "Notice"
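A receiver-side check for the values above, added here as an example and not taken from the product documentation: it decodes the syslog PRI (Local0 = 16, Notice = 5, so PRI 133) and splits the standard CEF header, honoring escaped pipes. The sample lines and their vendor, product and field values are constructed, and the Apex Central format body is left unparsed because its layout is not given on this page.

```python
import re

# Syslog PRI = facility * 8 + severity; Local0 = 16, Notice = 5.
LOCAL0, NOTICE = 16, 5
EXPECTED_PRI = LOCAL0 * 8 + NOTICE  # 133

CEF_FIELDS = ("version", "vendor", "product", "device_version",
              "event_class_id", "name", "severity")

# Constructed sample lines (not real product output).
SAMPLE_CEF = (r"<133>Jan 01 00:00:00 host CEF:0|ExampleVendor|ExampleProduct"
              r"|1.0|100|Name with \| pipe|3|src=192.0.2.10")
SAMPLE_OTHER = "<133>Jan 01 00:00:00 host constructed non-CEF body"

def split_cef_header(cef):
    """Split the text after 'CEF:' on unescaped pipes into 7 fields + extension."""
    parts, buf, i = [], [], 0
    while i < len(cef) and len(parts) < len(CEF_FIELDS):
        ch = cef[i]
        if ch == "\\" and i + 1 < len(cef) and cef[i + 1] in "|\\":
            buf.append(cef[i + 1])  # unescape \| and \\ inside header fields
            i += 2
            continue
        if ch == "|":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
        i += 1
    if len(parts) < len(CEF_FIELDS):
        raise ValueError("incomplete CEF header")
    return parts, cef[i:]

def check_message(line):
    """Decode PRI, flag deviation from Local0/Notice, parse the CEF header if any."""
    m = re.match(r"<(\d{1,3})>", line)
    if not m:
        raise ValueError("no syslog PRI")
    pri = int(m.group(1))
    facility, severity = divmod(pri, 8)
    result = {"facility": facility, "severity": severity,
              "pri_as_documented": pri == EXPECTED_PRI, "cef": None}
    pos = line.find("CEF:", m.end())
    if pos != -1:
        parts, extension = split_cef_header(line[pos + 4:])
        result["cef"] = dict(zip(CEF_FIELDS, parts), extension=extension)
    return result
```

A message from this source whose `pri_as_documented` is false was relayed, rewritten or sent by something else, which is worth alerting on at the collector.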
The following tables outline the formats supported by each log type.
Security Logs
| Log Type | CEF | Apex Central Format |
| --- | --- | --- |
| Application Control | Yes | No |
| Attack Discovery | Yes | No |
| Behavior Monitoring | Yes | Yes |
| C&C Callbacks | Yes | No |
| Content Violations | Yes | No |
| Data Loss Prevention | Yes | Yes |
| Device Control | Yes | Yes |
| Intrusion Prevention | Yes | No |
| Network Content Inspection | Yes | No |
| Predictive Machine Learning | Yes | No |
| Spyware/Grayware | Yes | No |
| Suspicious Files | Yes | No |
| Virtual Analyzer | Yes | No |
| Virus/Malware | Yes | No |
| Web Violations | Yes | No |
Product Information
| Log Type | CEF | Apex Central Format |
| --- | --- | --- |
| Engine Update Status | Yes | Yes |
| Product Auditing Events | Yes | No |
| Pattern Update Status | Yes | Yes |
For information about mapping syslog content between CEF and Apex Central formats, see Syslog Content Mapping - CEF.
