NXLog search
Let's talk Start free
Let's talk Start free

NXLog Legacy Documentation

CEF (Common Event Format)

What is CEF?

Description

CEF (Common Event Format) is a standard log format. ArcSight developed it to enable vendors and customers to integrate their product information with ArcSight ESM. The CEF standard defines a syntax for log records. It comprises a standard header and a key-value pair formatted variable extension.

In the world of NXLog

CEF is one of the many log formats NXLog supports. NXLog can collect or forward logs in Common Event Format (CEF). NXLog Enterprise Edition provides the xm_cef module for parsing and generating CEF logs.

Known as

ArcSight common event format, ArcSight CEF

Related

ArcSight Common Event Format (CEF)
Common Event Format (xm_cef)

A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   R   S   T   U   V   W   X   Z

A

agent

agent-based log collection

agentless log collection

audit log

B

bandwidth

C

CEF (Common Event Format)

CSV (Comma-separated Values)

D

data source

DNS logging

E

endpoint security

EPS (Events Per Second)

ETW (Event Tracing for Windows)

event correlation

F

failover

G

GELF (Graylog Extended Log Format)

H

High Availability (HA)

I

ICMP (Internet Control Message Protocol)

IDS (Intrusion Detection System)

J

JSON (JavaScript Object Notation)

K

kernel log

KVP (Key-Value Pair)

L

LEEF (Log Event Extended Format)

log centralization

log normalization

log parsing

M

MSSP (Managed Security Service Provider)

multi-line logs

N

NetFlow

O

open source

P

pattern

PCI-DSS (Payment Card Industry Data Security Standard)

protocol

R

Raijin database

Remote Access Server Role

S

SCCM (System Center Configuration Manager)

SEM (Security Event Management)

SIM (Security Information Management)

SIEM (Security Information and Event Management)

SNMP (Simple Network Management Protocol)

SOC (Security Operations Center)

structured logging

syslog

T

TCP (Transmission Control Protocol)

TLS (Transport Layer Security)/SSL (Secure Sockets Layer)

U

UEBA (User and Entity Behavior Analytics)

UDP (User Datagram Protocol)

V

vendor-agnostic

W

W3C Extended Log File Format

WEC (Windows Event Collector)

WEF (Windows Event Forwarding)

Windows Event ID

WMI (Windows Management Instrumentation)

X

XPath

Z

ZeroMQ