Log Types: GenericLog

Overview

The GenericLog LogType is the ultimate fallback for any logs that are not specifically recognised by the Snare Central server collection subsystem.

Collection

Data stored in the GenericLog table may arrive from a range of possible log sources: Syslog, Snare collectors on ports 6161 or 6163, batch uploads, SNMP traps, etc.

Sample Events

Any log data that has not been specifically recognised by the Snare Central collection subsystem will be included in GenericLog.

Fields

Field         Description
DATE          Event date, in the format YYYY-MM-DD
TIME          Event time, in the format HH:MM:SS
SYSTEM        The source system
TABLE         GenericLog
CRITICALITY   If a criticality has been supplied by the source (e.g. Syslog), it will be included here.
SOURCE        Reserved for future expansion
DETAILS       The original event will be included in this field, with the following caveats:
                • Any tab embedded within the original content will be translated to four spaces

Notes

-
