Syslog - Avatier Identity Management Suite (AIMS)
Device Details
Vendor | Avatier |
|---|---|
Device Type | Identity Management Suite |
Supported Model Name/Number | N/A |
Supported Software Version(s) | N/A |
Collection Method | Syslog |
Configurable Log Output? | No |
Log Source Type | Syslog – Avatier Identity Management Suite (AIMS) |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information | N/A |
Device Configuration Checklist
Enable or disable the following fields in the Identity Management Suite as noted:
- Action Type (Numeric) - Disable
- Action Type (Test) - Enable
- Admin Domain – Enable
- Admin UserID – Enable
- AIMS Server – Disable
- Description – Enable
- IP Address – Enable
- Language – Disable
- Primary Domain – Enable
- Primary User – Enable
- Product (Numeric) - Disable
- Product (Text) - Disable
- Session ID – Disable
- Sub Action Type (Numeric) - Disable
- Sub Action Type (Text) - Disable
- Target Connector (Numeric) - Disable
- Target Connector (Text) - Enable
- Target Type (Numeric) - Disable
- Target Type (Text) - Disable
- User Domain – Enable
- UserID - Enable
Currently Supported Log Types
| Type | Product Version | Supported Schema Fields |
|---|---|---|
AIMS Messages | N/A | <severity>, <sender>, <sip>, <domainorigin>, <login>, <tag1>, <object>, <domainimpacted>, <account>, <subject> |
Parsed Metadata Fields
| Product Field Name | LogRhythm Metadata Field |
|---|---|
N/A | <severity> |
N/A | <sender> |
N/A | <subject> |
Action Type (Text) | <tag1> & <object> |
IP Address | <sip> |
Primary Domain | <domainimpacted> |
Primary User | <account> |
User Domain | <domainorigin> |
UserID | <login> |