Original Input Formats
The following Original Input Formats are supported:
- CEF – Common Event Format, an open standard. Messages in this format are passed to the communications module, which transmits them to the waiting log collection server over UDP, TCP or TLS.
- LEEF – Log Event Extended Format, another open standard for log management and interoperability of security-related information from different devices, network components and applications. The LEEF format is a customized event format for IBM Security QRadar that contains readable and easily processed events.
- FREE – In the FREE format, information and message settings (Severity and Facility) are sent as is (i.e. as configured at the Add/Change IFS Log Auditing menu, shown in Working with IFS logs). If the FREE format is chosen, the administrator has to manually indicate the Severity and Facility sections, and the subject name is attached to the log that is sent.
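
How a log collection server might tell the three formats apart on receipt, as an added example (not code from the product documented here). It assumes each line arrives with a syslog `<PRI>` prefix carrying Facility and Severity and that LEEF is version 1.0; the sample lines, vendor and product names, and dictionary keys are constructed.

```python
import re

# Header field order follows the public CEF and LEEF 1.0 layouts; key names are this example's own.
CEF_FIELDS = ("cef_version", "vendor", "product", "device_version",
              "signature_id", "name", "cef_severity")
LEEF_FIELDS = ("leef_version", "vendor", "product", "device_version", "event_id")
PRI_RE = re.compile(r"^<(\d{1,3})>")          # syslog priority prefix (assumed present)
TAG_RE = re.compile(r"\b(CEF|LEEF):(?=\d)")   # format tag followed by a version digit

def split_header(text, count):
    """Return (count pipe-terminated fields, remainder), unescaping \\| and \\\\."""
    # The escapes are CEF's; applying them to LEEF headers too is an assumption.
    fields, cur, i = [], [], 0
    while i < len(text) and len(fields) < count:
        ch = text[i]
        if ch == "\\" and text[i + 1:i + 2] in ("|", "\\"):
            cur.append(text[i + 1])
            i += 2
        elif ch == "|":
            fields.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(ch)
            i += 1
    if len(fields) < count:
        raise ValueError("truncated CEF/LEEF header")
    return fields, text[i:]

def parse(line):
    """Classify one received line as CEF, LEEF or FREE and extract its fields."""
    out = {"format": "FREE", "syslog_facility": None, "syslog_severity": None}
    m = PRI_RE.match(line)
    if m:
        # PRI = facility * 8 + severity
        out["syslog_facility"], out["syslog_severity"] = divmod(int(m.group(1)), 8)
        line = line[m.end():]
    tag = TAG_RE.search(line)
    if tag is None:               # no CEF/LEEF tag: treat as FREE text
        out["message"] = line
        return out
    names = CEF_FIELDS if tag.group(1) == "CEF" else LEEF_FIELDS
    fields, rest = split_header(line[tag.end():], len(names))
    out.update(zip(names, fields), format=tag.group(1), extension=rest)
    return out

SAMPLES = [  # constructed sample lines, not captured from a real system
    r"<134>Jan 12 10:15:02 host1 CEF:0|ExampleVendor|ExampleProduct|1.0|100|File \| object opened|3|src=10.0.0.5 suser=alice",
    "<134>Jan 12 10:15:02 host1 LEEF:1.0|ExampleVendor|ExampleProduct|1.0|100|src=10.0.0.5\tusrName=alice",
    "<131>Jan 12 10:15:02 host1 IFS object changed by alice",
]
```

The CEF extension and LEEF attribute strings are returned unparsed in `extension`; CEF separates its key=value pairs with spaces, LEEF 1.0 with tabs.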