Previous Topic: Common Event GrammarNext Topic: Seven Areas of an Event


What Is the CEG?

The CA Common Event Grammar (CEG) is a grammar used to express event information after it is collected. It provides a means to normalize the raw event data gathered from log sources and express it in common format for easy display and understanding. Each data field in a log event is converted to a particular data representation and categorized consistently. The CEG uses a standard set of fields to express the event information. The list of fields is divided into seven areas that provide descriptive information about the entities in the event.

This section contains the following topics:

Seven Areas of an Event

Types of Events

Identifying the Type of Event