CEF Syslog Message Types

Message Type

Syslog message format for vulnerability and real-time Syslog entries generated by PASLs, PRMs, and internal plugins:

timestamp CEF: Version|Device Vendor|Device Product|Device Version|Signature ID|Name|Severity|Extension

Message Fields

| Name | Description |
|---|---|
| Device Product | Displays the name of the product on the detected sending device. |
| Device Vendor | Displays the vendor of the product on the detected sending device. |
| Device Version | Displays the version of the product on the detected sending device. |
| Extension | Displays key-value pairs for one or more of the following additional fields: src, dst, spt, dpt, proto, and msg. |
| Name | Displays the name of the Tenable Nessus Network Monitor plugin or PASL ID triggered by the reported traffic. |
| Severity | Displays the associated severity level of the reported vulnerability. |
| Signature ID | Displays the Tenable Nessus Network Monitor plugin ID or PASL ID triggered by the reported traffic. |
| timestamp | Displays the date and time of the Syslog message. |
| Version | Displays the version of the CEF format. |
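
A parser for the message format above, as an added example (not Tenable's code), useful when normalizing these events in a log pipeline. The sample line, its vendor, product, and ID values, and the function names are constructed for illustration; it assumes the standard CEF escapes (`\|` and `\\` in header fields, `\=` in extension values).

```python
import re

HEADER_FIELDS = ["version", "device_vendor", "device_product", "device_version",
                 "signature_id", "name", "severity"]
EXT_KEYS = {"src", "dst", "spt", "dpt", "proto", "msg"}  # keys this page lists
_EXT_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|\s*$)", re.S)
# Constructed sample line (all values are placeholders, not real product output).
SAMPLE = (r"Jan 01 00:00:00 CEF: 0|ExampleVendor|ExampleProduct|1.0|9999|SSL\|TLS "
          r"Server Detection|3|src=192.0.2.10 dst=198.51.100.7 spt=51514 dpt=443 "
          r"proto=tcp msg=ratio\=2 seen on port 443")


def _split_header(body, n):
    """Split on the first n unescaped '|'; the remainder (extension) stays raw."""
    parts, cur, i = [], [], 0
    while i < len(body):
        in_header = len(parts) < n
        if in_header and body[i] == "\\" and body[i + 1:i + 2] in ("|", "\\"):
            cur.append(body[i + 1])  # unescape \| or \\ inside a header field
            i += 2
            continue
        if in_header and body[i] == "|":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(body[i])
        i += 1
    parts.append("".join(cur))
    return parts


def parse_nnm_cef(line):
    """Return header fields, timestamp, and extension pairs as a dict."""
    prefix, sep, body = line.partition("CEF:")
    if not sep:
        raise ValueError("no CEF header found")
    parts = _split_header(body.strip(), len(HEADER_FIELDS))
    if len(parts) != len(HEADER_FIELDS) + 1:
        raise ValueError("expected 7 header fields plus the extension")
    event = dict(zip(HEADER_FIELDS, parts))
    event["timestamp"] = prefix.strip()
    ext = {k: v.replace("\\=", "=").replace("\\\\", "\\")
           for k, v in _EXT_RE.findall(parts[-1])}
    event["extension"] = ext
    event["unexpected_keys"] = sorted(set(ext) - EXT_KEYS)  # flag for review
    return event


if __name__ == "__main__":
    print(parse_nnm_cef(SAMPLE))
```

Values in msg can contain spaces, so the extension is split only where whitespace is followed by another `key=`; a naive split on spaces would truncate the message text.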