Common Event Format

Common Event Format (CEF) is an extensible, text-based, high-performance format designed to support multiple device types in the simplest manner possible. CEF defines the syntax for log records comprised of a standard header and a variable extension, formatted as key-value pairs. CEF uses syslog as a transport mechanism. CEF uses the following format as exemplified below. It is comprised of a syslog prefix, a header, and an extension.

For example:

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Common Event Format

Documentation Feedback