ESET Online Help

Search English
Select the topic

Events exported to LEEF format

To filter the event logs sent to Syslog, create a log category notification with a defined filter.

LEEF format is a customized event format for IBM® Security QRadar®. Events have standard and custom attributes:

ESET PROTECT uses some of standard attributes described in official IBM documentation.

Custom attributes are the same as in JSON format. The deviceGroupName attribute contains the full path to the static group of the computer generating the event. If the path is longer than 255 characters, deviceGroupName contains only the static group name. The deviceOSName attribute contains information about the computer´s operating system, and the deviceGroupDescription attribute contains the static group description.

Event categories:

icon_antivirusAntivirus detections

icon_firewall Firewall

Filtered websites—icon_web_protection Web Protection

icon_hips HIPS

Audit

icon_ei_alert ESET Inspect Alerts

icon_blocked Blocked files

note

You can find more information about Log Event Extended Format (LEEF) on the official IBM website.