Events exported to LEEF format

LEEF format is a customized event format for IBM® Security QRadar®. Events have standard and custom attributes. ERA uses some of standard attributes described in official IBM documentation. Custom attributes are the same as in JSON format. There are five categories of events:

Threat

Firewall

HIPS

Audit

Enterprise Inspector Alerts

 

icon_details_hoverNOTE

More information about Log Event Extended Format (LEEF) can be found at official IBM website.