ArcSight - 产品中心
   
 
      支持  |  联系
产品中心
    > 概 要
    > ArcSight ESM
    > ArcSight Logger
    > ArcSight Connectors
    > ArcSight Networking
    > ArcSight Compliance
    > ArcSight Insider Threat
    > Interactive Discovery
    > Pattern Discovery
    > Common Event Format
    > 认 证
    > 下载中心
  Common Event Format   
 
Common Event Format


The Common Event Format (CEF) is an open log management standard that improves the interoperability of security-related information from different security and network devices and applications. CEF is based on ArcSight抯 expertise from building over 230 connectors across 30 different solution categories and is the first log management standard to support a broad range of device types. CEF enables technology companies and customers to use a common event log format so that data can easily be collected and aggregated for analysis by an enterprise management system.

CEF Standard
CEF is an extensible, text-based, high-performance format designed to support multiple device types from both security and non-security devices and applications in the most simple manner possible, unlike other standards that target a single component of the security infrastructure, are tied to a specific transport protocol, or are designed specifically for applications and cannot support today抯 high-performance, real-time security requirements

ArcSight is leading the security industry by developing a standard that can be leveraged by all SIM/SEM vendors, partners, and customers. The release of CEF will allow ArcSight and other SIM/SEM vendors to develop innovations in other more valuable areas of security technology.

For more information on the Common Event Format, please request  the CEF standard document. For additional questions, please contact CEF@arcsight.com.

CEF Connector
The CEF connector allows ArcSight ESM to connect to, aggregate, filter, correlate, and analyze events from applications and devices which output their logs in the CEF standard, utilizing the syslog transport protocol. For example you can use this powerful text-based log format to collect logs from your customized or home grown applications if you modify their output to the CEF standard.

Partner Certification Program
To assist technology companies that want to adopt, test, and certify their compatibility with the CEF standard, ArcSight has formed a Common Event Format certification program. The objective of this program is to provide an all-encompassing program that provides partners with documentation, access to a hosted ArcSight ESM solution, for testing and Web support as part of the CEF certification process. For more information regarding this partner program, please contact CEF@arcsight.com.

CEF Materials
Copyright © 2002-2007 ArcSight | All rights reserved.