CEF Formatter
Description | Config Example |
---|---|
Delivers the data in CEF (Common Event Format), a well-known syntax for log records. | `{"configuration":"{\n \"headers\": {\n \"vendor\": \"cef device vendor\",\n \"product\": \"cef device product\",\n \"version\": \"cef device version\",\n \"id\": \"cef id\",\n \"name\": \"cef name1\",\n \"severity\": \"cef severity\",\n \"cefversion\": \"cef format version\",\n \"header\": \"\"\n },\n \"extensions\": {}\n}","name":"filebeatceftrans","type":"transform"}` |
CEF Format
The data flow should be defined with the ‘CEF Formatter’ condition, inside the relevant forwarder:
Add Original Event - Adds the original event as a string into the result.
Add CEF Headers.
Output: The target receives the logs as key-value pairs.
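As an added illustration (not XPLG's own code), the sketch below renders a CEF line from a transformer definition shaped like the config example above, applying the standard CEF escaping so that field values containing `|`, `=` or line breaks cannot split or forge records at the receiver. The header values, the event fields, the mapping of the config keys onto CEF header positions, and the treatment of `extensions` as static key-value pairs are assumptions made for the example.

```python
import json

# Constructed transformer definition modelled on the table's config example;
# header values and event fields below are sample data, not product output.
HEADERS = {"vendor": "Acme|Labs", "product": "Gateway", "version": "1.0",
           "id": "100", "name": "Login failure", "severity": "5",
           "cefversion": "0", "header": ""}
TRANSFORM = json.dumps({
    "configuration": json.dumps({"headers": HEADERS, "extensions": {}}),
    "name": "filebeatceftrans",
    "type": "transform",
})
SAMPLE_EVENT = {"src": "10.0.0.5", "msg": "user=admin failed\nCEF:0|forged"}

# Assumed mapping of the config's header keys onto the CEF header positions.
HEADER_ORDER = ("vendor", "product", "version", "id", "name", "severity")


def esc_header(value):
    """Header fields: escape backslash, then the '|' delimiter; flatten line breaks."""
    text = str(value).replace("\\", "\\\\").replace("|", "\\|")
    return text.replace("\r", " ").replace("\n", " ")


def esc_ext(value):
    """Extension values: escape backslash and '='; encode line breaks as literal \\n."""
    text = str(value).replace("\\", "\\\\").replace("=", "\\=")
    return text.replace("\r\n", "\\n").replace("\n", "\\n").replace("\r", "\\n")


def to_cef(transform_json, event):
    """Render one event as a CEF line using the headers from the transformer config."""
    config = json.loads(json.loads(transform_json)["configuration"])
    headers = config["headers"]
    fields = ["CEF:" + esc_header(headers["cefversion"])]
    fields += [esc_header(headers[key]) for key in HEADER_ORDER]
    # Assumption: "extensions" holds static key-value pairs merged with event fields.
    extensions = {**config.get("extensions", {}), **event}
    pairs = " ".join(f"{key}={esc_ext(val)}" for key, val in extensions.items())
    return "|".join(fields) + "|" + pairs


if __name__ == "__main__":
    print(to_cef(TRANSFORM, SAMPLE_EVENT))
```

The sample event carries an embedded line break followed by a second `CEF:0|` prefix; after escaping it stays inside the `msg` value on a single line.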