Remove From My Forums

The error of "Log format does not match the expected format for GENERIC_LEEF_SYSLOG" in cloud app security

Question
0

Sign in to vote
Hi,

I am trying to integrate our product logs with cloud app security. I chose the Leef format. I encountered the error "Log format does not match the expected format for GENERIC_LEEF_SYSLOG". I tried a lot of test with the example format. In the end, I found if the log does not have any following attribution, it will show that error:

devTime=January 23 19 12:00:00 UTC devTimeFormat==MMM dd yyyy HH:mm:ss z src=10.0.10.209 dst=205.203.132.1 policy=Unhandled

My question is that are that attributions necessary for cloud app security and why do need them? I did not find any document for that.

Brad
- Moved by Femisulu Friday, February 1, 2019 12:53 AM Better suited for ASC since questions is related to if attributions are needed for Cloud app security
Tuesday, January 29, 2019 12:57 AM

Reply

|

Quote

All replies

0

Sign in to vote
Please refer to Web traffic log requirements which provides details on which all attributes are required in the web traffic logs.
- Proposed as answer by SaurabhSharma-MSFTMicrosoft employee, Moderator Tuesday, February 5, 2019 1:44 AM
Tuesday, February 5, 2019 1:44 AM

Reply

|

Quote

Moderator