Release Notes › Features › Standardized Presentation of Logs

Standardized Presentation of Logs

Logs generated by applications, operating systems, and devices all use their own formats. CA Enterprise Log Manager refines the collected logs to standardize the way the data is reported. The standard format makes it easier for auditors and upper management to compare data collected from different sources. Technically, the CA Common Event Grammar (CEG) helps implement event normalization and classification.

The CEG provides several fields which are used to normalize various aspects of the event, including the following:

• Ideal Model (Class of technologies such as antivirus, DBMS, and firewall)
• Category (Examples include Identity Management and Network Security)
• Class (Examples include Account Management and Group Management)
• Action (Examples include Account Creation and Group Creation)
• Results (Examples include Success and Failure)

Note: See the CA Enterprise Log Manager Administration Guide for details on the rules and files used in event refinement. See the section on Common Event Grammar in the online help for details on the normalizing and categorizing events.

More information:

Normalizing and Categorizing Events

Mapping and Parsing

Suppression and Summarization