CloudBolt
About
CloudBolt helps organizations be more efficient, agile, and value-driven in the cloud.
Product Details
Vendor URL: cloudbolt.io
Product Type: Cloud management
Product Tier: Tier III
Integration Method: Syslog
Parser Details
Log Format: Syslog
Expected Normalization Rate: 100%
Data Label: CLOUDBOLT
UDM Fields (list of all UDM fields leveraged in the Parser):
Log File Field | UDM Field |
---|---|
levelname | security_result.severity_details |
name | metadata.product_event_type |
message | metadata.description |
CloudBolt (static) | metadata.log_type |
Custom filter | metadata.product_log_id |
Custom filter | observer.hostname |
Product Event Types
Event | UDM Event Classification |
---|---|
all others | GENERIC_EVENT |
Log Sample
<13>1 2024-02-12T20:34:56.930972+00:00 hostname1 - - - [NXLOG@0000 EventReceivedTime="2024-02-12 20:34:56" SourceModuleName="in_file" SourceModuleType="im_file"] {"asctime": "2024-02-12 20:34:55,602", "levelname": "INFO", "name": "jobengine.job.103611", "message": "Canceling this job"}
Sample Parsing
metadata.base_labels.log_types = "CLOUDBOLT"
metadata.description = "Canceling this job"
metadata.event_timestamp.seconds = 1707770096
metadata.event_type = "GENERIC_EVENT"
metadata.product_event_type = "jobengine.job.103611"
metadata.product_log_id = "103611"
metadata.vendor_name = "CloudBolt"
observer.hostname = "hostname1"
security_result.severity_details = "INFO"
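The mapping above can be checked offline with the following added example, which is an illustration and not the vendor's parser. It reproduces the Sample Parsing output from the Log Sample; the function name `normalize`, the flat dotted-key output, and the rule that `metadata.product_log_id` is the trailing numeric segment of `name` are assumptions (the page only says "Custom filter").

```python
import json
import re
from datetime import datetime

# The page's log sample: RFC 5424 header, NXLOG structured data, JSON body.
SAMPLE = ('<13>1 2024-02-12T20:34:56.930972+00:00 hostname1 - - - '
          '[NXLOG@0000 EventReceivedTime="2024-02-12 20:34:56" '
          'SourceModuleName="in_file" SourceModuleType="im_file"] '
          '{"asctime": "2024-02-12 20:34:55,602", "levelname": "INFO", '
          '"name": "jobengine.job.103611", "message": "Canceling this job"}')

# <PRI>1 TIMESTAMP HOSTNAME APP PROCID MSGID (SD | "-") JSON-body
HEADER = re.compile(
    r'^<\d{1,3}>1 (?P<ts>\S+) (?P<host>\S+) \S+ \S+ \S+ '
    r'(?:-|(?:\[(?:[^\]\\]|\\.)*\])+) (?P<body>\{.*\})\s*$', re.S)

# Log file field -> UDM field, as listed in the UDM Fields table.
FIELD_MAP = {
    "levelname": "security_result.severity_details",
    "name": "metadata.product_event_type",
    "message": "metadata.description",
}

def normalize(line):
    """Return the flattened UDM fields for one CloudBolt syslog line."""
    m = HEADER.match(line)
    if not m:
        raise ValueError("not an RFC 5424 line with a JSON object body")
    body = json.loads(m["body"])  # malformed JSON raises a ValueError subclass
    # The event time is the syslog header timestamp, not the JSON asctime.
    ts = datetime.fromisoformat(m["ts"].replace("Z", "+00:00"))
    udm = {
        "metadata.base_labels.log_types": "CLOUDBOLT",
        "metadata.vendor_name": "CloudBolt",
        "metadata.event_type": "GENERIC_EVENT",  # every event maps here
        "metadata.event_timestamp.seconds": int(ts.timestamp()),
        "observer.hostname": m["host"],
    }
    for src, dst in FIELD_MAP.items():
        if isinstance(body.get(src), str):
            udm[dst] = body[src]
    # Assumption: the "custom filter" takes the trailing numeric segment of name.
    log_id = re.search(r"\.(\d+)$", udm.get("metadata.product_event_type", ""))
    if log_id:
        udm["metadata.product_log_id"] = log_id.group(1)
    return udm

if __name__ == "__main__":
    for field, value in sorted(normalize(SAMPLE).items()):
        print(f"{field} = {value!r}")
```

Lines that do not match the header pattern raise `ValueError`, so a collector wrapper can count them against the expected normalization rate instead of silently dropping them.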
Rules
Coming Soon