In the 'Log Forwarding" profile that googol included a screen shot of you can elect which threats you wanted to send to your SEIM/Syslog. Further within the SEIM you can use REGEX to parse the fields and filter exactly the records you're looking for. For instance a "Threat" log with a threat type of "virus" of a "medium" severity can be filtered to either be included or excluded in your SEIM: 2015/07/21 09:49:53,*DEVICE SN*,THREAT,virus,*A BUNCH OF STUFF SEPARATED BY ALPHA NUMERIC CHARACTERS SEPARATED BY COMMAS* ,Virus/Win32.ramnit.aztfn(2022885),any,medium,server-to-client,*MORE STUFF FOLLOWS* Here was a log example from our SEIM. You'd have to use REGEX to parse through the log message to the relevant fields but you could filter to the log types you're wanting this way as well.
... View more