====== Common Event Format (CEF) ======

==== General Form ====

<code>
CEF:Version|Device Vendor|Device Product|Device Version|Signature ID|Name|Severity|Extension
</code>

  * signature id: an integer or string that is a unique identifier for the event
  * severity: integer value 0-10
  * extension: any number of key-value pairs in the form of key=value separated by spaces.

==== Example ====

<code>
CEF:0|Red Hat|RHEL|8.0.0|100|SSH login|5
</code>

qnd/common_event_format.txt Last modified: 2021/10/05 16:16 by mgupton
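A parser for the general form above, added here as an example and not part of the original page. It goes beyond the page by handling the format's backslash escapes (`\|` and `\\` in header fields, `\=`, `\\`, `\n` and `\r` in extension values), so a pipe inside Name or a space inside an extension value does not shift fields. The function and constant names and the second sample record are constructed for illustration.

```python
import re

HEADER = ("version", "device_vendor", "device_product", "device_version",
          "signature_id", "name", "severity")
_KEY = re.compile(r"(?:^| )([A-Za-z0-9_.]+)=")  # start of each key=value pair

def _split_header(text):
    """Split on unescaped '|' into header fields plus the raw extension."""
    fields, buf, i = [], [], 0
    while i < len(text) and len(fields) < len(HEADER):
        if text[i] == "\\" and text[i + 1:i + 2] in ("|", "\\"):
            buf.append(text[i + 1])        # \| and \\ are literal characters
            i += 2
            continue
        if text[i] == "|":
            fields.append("".join(buf))
            buf = []
        else:
            buf.append(text[i])
        i += 1
    if len(fields) < len(HEADER):          # last field had no trailing '|'
        fields.append("".join(buf))
    return fields, text[i:]

def _unescape(value):
    # Undo the extension escapes: backslash before '=', '\', 'n' or 'r'
    table = {"n": "\n", "r": "\r"}
    return re.sub(r"\\([=\\nr])",
                  lambda m: table.get(m.group(1), m.group(1)), value)

def parse_cef(line):
    if not line.startswith("CEF:"):
        raise ValueError("missing CEF: prefix")
    fields, ext = _split_header(line[4:].rstrip("\r\n"))
    if len(fields) != len(HEADER):
        raise ValueError(f"expected {len(HEADER)} header fields, got {len(fields)}")
    event = dict(zip(HEADER, fields))
    if event["severity"] not in map(str, range(11)):   # page: integer 0-10
        raise ValueError(f"severity not in 0-10: {event['severity']!r}")
    event["severity"] = int(event["severity"])
    keys = list(_KEY.finditer(ext))
    ends = [m.start() for m in keys[1:]] + [len(ext)]
    event["extension"] = {m.group(1): _unescape(ext[m.end():end])
                          for m, end in zip(keys, ends)}
    return event

# The page's example, then a constructed record with an escaped '|' in Name
# and an extension value that contains spaces and an escaped '='.
PAGE_EXAMPLE = "CEF:0|Red Hat|RHEL|8.0.0|100|SSH login|5"
CONSTRUCTED = (r"CEF:0|Red Hat|RHEL|8.0.0|100|SSH login \| failed|7|"
               r"src=192.0.2.10 msg=bad password for user\=root suser=root")
```

Records with too few header fields or a severity outside 0-10 raise `ValueError`, so malformed lines can be routed to a reject queue instead of being indexed with misaligned fields.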