Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
AndrewE
New Member.
384 views

CEF Mapping Library

Hello Community,

Does anyone know if there is a mapping table of some kind for all CEF fields that relates to all (or major) products ?

I am doing some work right now that links various data sources from multiple vendors and could go through and map each one from the specifications, but hoping someone smarter than me has already done this.

Thanks in advance

0 Likes
3 Replies
AndrewE
New Member.

Re: CEF Mapping Library

Sorry.....particular focus is Bro, Syslog and potentially reaching out into others such as Sysmon and Beats

0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: CEF Mapping Library

Hi,

Not sure if that's what you are looking for but you can check it anyway, it's a list of CEF key names:
https://community.softwaregrp.com/t5/ArcSight-Connectors/ArcSight-Common-Event-Format-CEF-Implementation-Standard/ta-p/1645557?attachment-id=68077

Otherwise, you'll have to check each admin guide to see how the mapping is done.

Regards,
Kresimir

Micro Focus Contributor
Micro Focus Contributor

Re: CEF Mapping Library

The CEF mapping guide document is mentioned into a note at page 6 of the CommonEventFormatV25.pdf.

....For more information on best practices for creating CEF events, see the CEF Mapping Guidelines document.


 @AndrewE Is this your orginal question for the document ?

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.