Enterprise Security Management - Information Security Management
Solutions
> Protect Your Business
> Compliance Solutions
> PCI DSS
> Log Management
> Enterprise Security
space- Insider Threat
space- Physical/Logical
     Convergence
space- Mobile Threats
> Configuration Audit
   and Provisioning
> Case Studies
> Industries
space- Process Control
     Networks/SCADA
space- Financial Services
space- Healthcare
space- Government
space- Telecom
space- Higher Education
space- MSSPs
> Services
> Education and Training
> White Papers
 
Common Event Format


The Common Event Format (CEF) is an open log management standard that improves the interoperability of security-related information from different security and network devices and applications. CEF is based on ArcSight’s expertise from building support for over 275 products acorss more than 35 solution categories and is the first log management standard to support a broad range of device types. CEF enables technology companies and customers to use a common event log format so that data can easily be collected and aggregated for analysis by an enterprise management system.

CEF Standard
CEF is an extensible, text-based, high-performance format designed to support multiple device types from both security and non-security devices and applications in the most simple manner possible, unlike other standards that target a single component of the security infrastructure, are tied to a specific transport protocol, or are designed specifically for applications and cannot support today’s high-performance, real-time security requirements

ArcSight is leading the security industry by developing a standard that can be leveraged by all SIM/SEM vendors, partners, and customers. The release of CEF will allow ArcSight and other SIM/SEM vendors to develop innovations in other more valuable areas of security technology.

For more information on the Common Event Format, please request  the CEF standard document. For additional questions, please contact CEF@arcsight.com.

CEF Connector
The CEF connector allows ArcSight ESM to connect to, aggregate, filter, correlate, and analyze events from applications and devices which output their logs in the CEF standard, utilizing the syslog transport protocol. For example you can use this powerful text-based log format to collect logs from your customized or home grown applications if you modify their output to the CEF standard.

Partner Certification Program
To assist technology companies that want to adopt, test, and certify their compatibility with the CEF standard, ArcSight has formed a Common Event Format certification program. The objective of this program is to provide an all-encompassing program that provides partners with documentation, access to a hosted ArcSight ESM solution, for testing and Web support as part of the CEF certification process. For more information regarding this partner program, please contact CEF@arcsight.com.

CEF Materials

 
  Click here to get more information about ArcSight.  

 
  Copyright © 2002-2008 ArcSight | All rights reserved. Privacy Policy