
Veeam Backup and Replication

Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

Veeam Backup and Replication Logs

✅

✅

veeam_backup_and_replication_logs

Key Value

S3


Overview

Veeam Backup & Replication logs record operational events generated by the Veeam data protection platform during backup, replication, and recovery tasks for virtual machines, physical servers, and workloads. These logs typically contain details about backup job execution, task status, restore point creation or modification, repository usage, data transfer metrics, and system metadata such as job identifiers, VM names, hostnames, timestamps, and Veeam server versions.

Supported data types

Veeam Backup and Replication Logs

Table name: veeam_backup_and_replication_logs

The logs are commonly exported in syslog (RFC 5424) format or collected from the Windows Event Log on the Veeam Backup Server. Each event includes structured key-value fields (e.g., job IDs, repository IDs, VM identifiers, status codes, storage size, and platform information) along with a descriptive message explaining the activity. Event identifiers (such as task completion, restore point creation, or restore point updates) help track backup lifecycle operations and system health. These logs are useful for monitoring backup operations, troubleshooting job failures, auditing backup activity, and integrating with SIEM platforms to generate alerts on abnormal conditions such as failed backup tasks, corrupted restore points, or unexpected changes to backup data.

Send data to Hunters

Hunters supports the ingestion of Veeam Backup and Replication Logs via an intermediary AWS S3 bucket.

To connect Veeam Backup and Replication Logs:

Connect using S3

  1. Export your logs from Veeam Backup and Replication to an AWS S3 bucket.

  2. Once the export is completed and the logs are collected in S3, follow the steps in this section.

Expected format

Logs are expected in KeyValue format.

1 2026-03-02T05:35:37.520004+01:00 HOSTNAME Veeam_MP - - [origin enterpriseId="3333"] [categoryId=0 instanceId=10090 OibID="799c76da-f01c-4593-acc8-92aebb460e70" OriginalOibID="799c76da-f01c-4593-acc8-92aebb460e70" IsCorrupted="False" Platform="8" StorageSize="14394235898" RepositoryID="sjncj-384njn-sdcj3" IsFull="True" VbrHostName="VBRHOST" VbrVersion="13.0.1.1071" Version="1" Description="VM 'ABC' restore point has been modified."]
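
The following Python is an added example, not part of the original page and not Hunters' own parser. It splits the sample event above into its syslog header and key-value fields, then applies two alert conditions on the IsCorrupted and Description fields; the function names and the triage rules are assumptions made for illustration.

```python
import re

# Sample event copied from the "Expected format" section above.
SAMPLE = (
    '1 2026-03-02T05:35:37.520004+01:00 HOSTNAME Veeam_MP - - '
    '[origin enterpriseId="3333"] [categoryId=0 instanceId=10090 '
    'OibID="799c76da-f01c-4593-acc8-92aebb460e70" '
    'OriginalOibID="799c76da-f01c-4593-acc8-92aebb460e70" '
    'IsCorrupted="False" Platform="8" StorageSize="14394235898" '
    'RepositoryID="sjncj-384njn-sdcj3" IsFull="True" VbrHostName="VBRHOST" '
    'VbrVersion="13.0.1.1071" Version="1" '
    'Description="VM \'ABC\' restore point has been modified."]'
)

# key="quoted value, may contain \" \\ \] escapes"  or  key=bare_value
PAIR = re.compile(r'(\w+)=(?:"((?:[^"\\]|\\.)*)"|([^\s\]]+))')
HEADER = ("version", "timestamp", "hostname", "app_name", "procid", "msgid")


def parse_event(line):
    """Split the syslog header, then collect every key/value pair."""
    parts = line.strip().split(" ", 6)
    if len(parts) < 7:
        raise ValueError("not a complete syslog event")
    event = dict(zip(HEADER, parts))
    for key, quoted, bare in PAIR.findall(parts[6]):
        value = quoted if bare == "" else bare
        # Undo the RFC 5424 escapes for ", \ and ] inside quoted values.
        event[key] = re.sub(r'\\(["\\\]])', r"\1", value)
    return event


def triage(event):
    """Illustrative alert conditions (assumed rules, not Hunters detections)."""
    findings = []
    if event.get("IsCorrupted", "").lower() == "true":
        findings.append("restore point flagged as corrupted")
    if "modified" in event.get("Description", "").lower():
        findings.append("restore point modified")
    return findings


if __name__ == "__main__":
    parsed = parse_event(SAMPLE)
    print(parsed["VbrHostName"], parsed["OibID"], triage(parsed))
```

The quoted-value pattern consumes the whole Description string in one match, so text such as `d=e` inside a description is not mistaken for a separate field.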