Device Details
| Device Name | Syslog – CA Privileged Access Manager |
|---|---|
| Vendor | CA Technologies (BROADCOM) |
| Device Type | Device and Password Access Control |
| Supported Model Name/Number | Privileged Credential Vault |
| Supported Software Version | N/A |
| Collection Method | Syslog |
| Configurable Log Output | No |
| Log Source Type | Syslog – CA Privileged Access Manager |
| Log Processing Policy | LogRhythm Default |
| Exceptions | N/A |
| Additional Information | |
Prerequisites
To access CA Privileged Access Manager, you need one of the following Web browsers:
- Microsoft Internet Explorer 11 or higher
- Mozilla Firefox
- Apple Safari
- Google Chrome
Supported Log Messages
(List of LR Tags used to parse the log information for each message type)
| Type | Product Version | Supported Schema Fields |
|---|---|---|
| | All | <severity> |
| | All | <severity>, <login>, <account>, <object>, <status>, <recipient>, <group>, <subject>, <sname>, <dname>, <sip> |
| | All | <severity>, <processid>, <sip>, <snatip>, <login>, <action>, <dip>, <sname>, <group>, <sport>, <protname>, <subject>, <useragent>, <policy>, <object>, <vendorinfo>, <dport>, <kilobytes>, <url>, <dname>, <domainorigin>, <tag1> |
| Gksyslog Messages | All | <severity>, <processid>, <login>, <useragent>, <domainorigin>, <sname>, <action>, <subject> |
| Logwatch Process Messages | All | <severity>, <processid>, <subject>, <action> |
| | All | <severity>, <action>, <login>, <sip>, <sname> |
| | All | <severity>, <action>, <subject>, <account>, <command>, <login>, <sip>, <sname> |
| | All | <severity>, <action>, <login>, <object>, <account>, <minutes> |
| | All | <severity>, <action>, <login>, <object>, <reason>, <dname>, <command>, <account>, <sip>, <sname>, <responsecode> |
| Password Expire View Request Messages | All | <severity>, <action>, <processid>, <login>, <responsecode>, <account>, <sip>, <sname> |
| | All | <severity>, <processid>, <sip>, <snatip>, <login>, <tag1>, <dip>, <sname>, <subject>, <dport>, <protname>, <object>, <status>, <minutes> |
Revision History
| KB Version | Log Type | Change Type | Details |
|---|---|---|---|
| KB 7.1.598.0 | Syslog | Documentation | Updated existing device documentation |