Thank you!
Your feedback has been received and will be reviewed shortly!
FireEye EX appliances produce two categories of logs, each with it’s own respective format.
System logs, which contain information about various modules and processes, formatted as
<module>[<pid>]: <thread-id>: [<module>:<severity-level>] free text log detailsAlert logs, which contain incident details and support the following formats: CEF, LEEF, CSV, JSON, XML, PLAINTEXT with optional verbosity levels for specific formats.
MOREAL currently supports CEF-formatted Alert logs that follow the below structure
CEF:0|<vendor>|<product name>|<version>|<cef event type>|<event-name>|<severity>|<extension>