Add ESET AV syslog (LEEF) parsing and coordinated detections in Huntress Managed SIEM
Nick Gusto
A partner is sending ESET antivirus detections to Huntress Managed SIEM via syslog in LEEF format.
Today, these logs are ingested as Syslog-Generic, which means they are stored and searchable but not parsed into structured fields or surfaced as a dedicated, coordinated detection signal.
As a result, ESET AV alerts behave more like unstructured notes than actionable, correlated security events within the SIEM.
They are requesting that ESET be added to Huntress Managed SIEM as a formal syslog source.
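To make concrete the difference between "stored as Syslog-Generic" and "parsed into structured fields", here is an added illustration (not Huntress or ESET code) of what a LEEF syslog parser and a coordination rule on top of it look like. It follows the published LEEF header layout (`LEEF:Version|Vendor|Product|Version|EventID|...`, with LEEF 2.0 adding a declared attribute delimiter). The sample lines, the attribute names (`sev`, `action`, `threatName`, ...) and the triage rule are constructed placeholders for illustration, not ESET's actual event schema.

```python
import re

# Constructed sample records (not real ESET output). Header values and attribute
# names are placeholders assumed for illustration, not ESET's published schema.
SAMPLE_LEEF10 = (
    "<14>Jan 10 12:00:00 eset-host LEEF:1.0|ESET|Protect|1.0|Threat_Event|"
    "cat=Threat\tsev=5\tsrc=10.0.0.5\tthreatName=Eicar test file\t"
    "action=cleaned by deleting\tusrName=jdoe\tmsg=scanner=Real-time file system protection"
)
SAMPLE_LEEF20 = (
    "<14>Jan 10 12:01:00 eset-host LEEF:2.0|ESET|Protect|1.0|Threat_Event|^|"
    "cat=Threat^sev=9^src=10.0.0.6^threatName=Eicar test file^action=retained^usrName=asmith"
)
SAMPLE_GENERIC = "<14>Jan 10 12:02:00 eset-host service started"

# LEEF 2.0 may declare the attribute separator as a hex byte ("x09", "0x09").
_HEX_DELIM = re.compile(r"^(?:0?x)?([0-9A-Fa-f]{2})$")


def _resolve_delimiter(raw):
    """Turn the LEEF 2.0 delimiter field into the actual separator character."""
    if raw == "":
        return "\t"          # empty field means the default tab separator
    m = _HEX_DELIM.match(raw)
    if m:
        return chr(int(m.group(1), 16))
    return raw               # literal single-character delimiter such as "^"


def parse_leef(line):
    """Parse a syslog-wrapped LEEF record into header fields plus attributes.

    Returns None when no LEEF header is present; such lines are exactly the ones
    that stay 'Syslog-Generic' (stored as a raw message, no structured fields)."""
    idx = line.find("LEEF:")
    if idx < 0:
        return None
    head = line[idx + len("LEEF:"):]
    parts = head.split("|", 5)
    if len(parts) < 6:
        return None
    version, vendor, product, product_version, event_id, rest = parts
    if version.startswith("2"):
        delim_raw, _, rest = rest.partition("|")
        delim = _resolve_delimiter(delim_raw)
    else:
        delim = "\t"         # LEEF 1.0 always separates attributes with a tab
    attrs = {}
    for token in rest.split(delim):
        if not token:
            continue
        key, sep, value = token.partition("=")   # split on the first "=" only;
        if sep:                                  # values may themselves contain "="
            attrs[key.strip()] = value
    return {
        "leef_version": version,
        "vendor": vendor,
        "product": product,
        "product_version": product_version,
        "event_id": event_id,
        "delimiter": delim,
        "attributes": attrs,
    }


# Assumed triage rule for illustration: surface events the AV did not remediate,
# or that carry a high severity, instead of merely storing them.
REMEDIATED_ACTIONS = ("cleaned", "deleted", "quarantined", "blocked")


def needs_analyst_attention(record):
    attrs = record["attributes"]
    action = attrs.get("action", "").lower()
    remediated = any(word in action for word in REMEDIATED_ACTIONS)
    try:
        sev = int(attrs.get("sev", "0"))
    except ValueError:
        sev = 0
    return (not remediated) or sev >= 8


def triage(lines):
    """Classify a batch of syslog lines: how many stay generic, how many parse,
    and which parsed events (by source address) should be surfaced."""
    summary = {"generic": 0, "parsed": 0, "surfaced": []}
    for line in lines:
        rec = parse_leef(line)
        if rec is None:
            summary["generic"] += 1
            continue
        summary["parsed"] += 1
        if needs_analyst_attention(rec):
            summary["surfaced"].append(rec["attributes"].get("src", "unknown"))
    return summary


if __name__ == "__main__":
    print(triage([SAMPLE_LEEF10, SAMPLE_LEEF20, SAMPLE_GENERIC]))
```

The first sample parses to a remediated, medium-severity event and is stored without being surfaced; the second (threat retained, severity 9) is the kind of event a dedicated source would turn into a coordinated detection; the third has no LEEF header and remains generic, which is the current state of all ESET lines described above.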