About Sending Syslog Messages for Security Events

You can send data related to connection, security intelligence, intrusion, and file and malware events via syslog to a Security Information and Event Management (SIEM) tool or another external event storage and management solution.

Security events are the events displayed in the CDO web interface in the menu options under the Analysis menu, which are sometimes collectively referred to as "the event viewer."

These events are also sometimes referred to as Snort® events.