IDMEF V1 Tutorial

  • IDMEF format : Detailed description of the IDMEF Format (class schema, etc.)



Similar formats

  • SDEE : Security Device Event Exchange (Cisco)
    The Security Device Event Exchange (SDEE) is a specification for the message formats and the messaging protocol used to communicate the events generated by security devices. Cisco Intrusion Detection Event Exchange (CIDEE) specifies the extensions to the Security Device Event Exchange (SDEE) that are utilized by Cisco’s network-based intrusion prevention systems.
  • CEE : Common Event Expression (Mitre)
    CEE™ is the Common Event Expression initiative being developed by a community representing the vendors, researchers, and end users, and coordinated by MITRE. The primary goal of the effort is to standardize the representation and exchange of logs from electronic systems. Note: Due to changing priorities, the U.S. Government organization that sponsored MITRE’s work on CEE has decided to stop funding development of CEE to focus on other priorities.
  • CEF : Common Event Format (ArcSight)
    CEF (Common Event Format) is a format proposed by ArcSight to promote interoperability between various event- or log-generating devices (security and non-security devices).
  • LEEF : Log Event Extended Format (IBM)
  • SDEE format : Detailed schema of Cisco SDEE (Security Device Event Exchange)