Eventia Parsing Files Update (Revision 11)

Eventia parsing and normalization update file, contains updates for syslog and SNMP trap support.

Parsing updates are accumulative. Current update includes parsing capabilities for the following products:

• Date published: 4-Aug-2008
• Juniper – Juniper Network and Security Manager (NSM)

• Date published: 18-Mar-2008
• Cisco- Cisco ASA

• Date published: 19-Feb-2008
• Top Layer- Top Layer IPS
• Open Source - ProFTP

• Date published:  27-Dec-2007
• WELF (WebTrends Enhanced Log Format):
  WELF is an open logging format developed by WebTrends. WELF logging format is known to be supported by firewalls, Virtual Private Network (VPN) systems, proxy servers and various security devices. Consult the relevant 3rd product documentation for enabling support for WELF. The following products are known to support WELF format:
  
  • CyberGuard Firewall/VPN
  • Symantec ManHunt
  • SonicWALL internet security products
  • Squid Proxy server
  • WatchGuard Firebox
• CLF (Common Log Formats):
  CLF is a logging format for web server?s access logs. CLF standard is supported by most Web servers. The following products are known to support the CLF format:
  
  • Apache
  • Lotus Domino Server
  • Unix Web Servers
  • IBM WebSphere
  • SunOne iPlanet

• Date published:  31-Oct-2007
• Fortinet- Fortigate Firewall
• Juniper- SA4000

• Date published:  23-Jul-2007
• Netscreen IDP

• Date published:  20-Jun-2007
• Tipping Point LSM

• Date published:  4-Jun-2007
• Cisco Router (updated version)

• Date published: 3-May-2007
• IPS-1
• Cisco VPN Concentrator 3000
• Blue Coat SG (event logs)

• Date published: 1-JAN-2007
• Nortel BayStack switches
• Remote Network Monitoring (RMON)