Skip to content




Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, code signing, mobile and SSH. Venafi provides global visibility of machine identities and their associated risks for the extended enterprise—on premises, mobile, virtual, cloud and IoT.

Product Details

Vendor URL: Venafi

Product Type: Certificate Management

Product Tier: Tier II

Integration Method: Venafi Syslog Forwarding

Integration URL: Cyderes Syslog Ingestion

Parser Details

Log Format: CEF

Expected Normalization Rate: 90%

Data Label: VENAFI

UDM Fields (list of all UDM fields leveraged in the Parser):

Log File Field UDM Field
custom filter metadata.event_timestamp
CEF Description metadata.product_event_type
CEF Product metadata.product_name
CEF Version metadata.product_version
CEF Vendor metadata.vendor_name
Custom filter observer.ip
cat security_result.about.file.full_path
CEF Event ID security_result.rule_id
CEF Severity security_result.severity
msg security_result.summary

Product Event Types

Product Event Description UDM Event
All All events GENERIC_EVENT

Log Sample

Oct 24 14:14:21 CEF:0|Venafi|TPP|20.4|0x000e0009|Venafi Platform - Venafi Trust Protection Platform Heartbeat|Low|cat=\\VED\\Engines\\HOSTNAME1 msg=The Venafi Trust Protection Platform service manager for the engine HOSTNAME1 is operating.

Sample Parsing

metadata.event_timestamp: "Mon, 24 Oct 2022 14:14:21 GMT"
metadata.event_type: "GENERIC EVENT"
metadata.vendor_name: "Venafi"
metadata.product_name: "TPP"
metadata.product_version: "20.4"
metadata.product_event_type: "Venafi Platform - Venafi Trust Protection Platform Heartbeat"
observer.ip: ""
security_result.about.file.full_path: "\\VED\\Engines\\HOSTNAME1"
security_result.rule_id: "000e0009"
security_result.summary: "The Venafi Trust Protection Platform service manager for the engine HOSTNAME1 is operating."
security_result.severity: "LOW" 

Parser Alerting

This product currently does not have any Parser-based Alerting


Coming Soon