Device Details
|
Device Name |
ADAudit Plus |
|
Vendor |
Manage Engine |
|
Device Type |
Security |
|
Supported Model Name/Number |
N/A |
|
Supported Software Version |
N/A |
|
Collection Method |
Syslog |
|
Configurable Log Output |
N/A |
|
Log Source Type |
Syslog - ManageEngine ADAudit Plus |
|
Log Processing Policy |
LogRhythm Default V 2.0 |
|
Exceptions |
N/A |
|
Additional Information |
Supported Log Messages
(List of LR tags used to parse the log information for each message type)
|
Type |
Product Version |
Supported Schema Fields |
|---|---|---|
|
ADAPAlerts Log Messages |
N/A |
<severity>, <object>, <group>, <objectname>, <subject>, <login>, <domainorigin> |
|
ADAPTechnician Log Messages |
N/A |
<severity>, <object>, <login>, <dip>, <dname>, <action>, <domainorigin>, <subject> |
|
ADFSReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <account>, <dname>, <status>, <domainorigin>, <login>, <session>, <reason>, <process>, <sport>, <subject>, <responsecode>, <objecttype>, <protname>, <sname> |
|
ADObjectsAuditReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <status>, <login>, <reason>, <dname>, <domainimpacted>, <subject> |
|
Catch-All |
N/A |
<tag1>, <severity> |
|
ComputerMgmtReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <subject>, <dname>, <domainimpacted>, <login>, <reason> |
|
FileAuditReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <status>, <login>, <reason>, <parentprocessname>, <parentprocesspath>, <domainorigin>, <process>, <dname>, <dip>, <account>, <session>, <subject> |
|
FIMAuditReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <status>, <login>, <reason>, <parentprocessname>, <parentprocesspath>, <domainorigin>, <process>, <account>, <session>, <subject> |
|
LocalLogonLogoffReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <account>, <dip>, <dname>, <status>, <domainorigin>, <login>, <session>, <reason>, <sport>, <subject> |
|
LogonReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <account>, <dip>, <dname>, <status>, <domainorigin>, <login>, <session>, <responsecode>, <objecttype>, <reason> |
|
ServerAuditReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <status>, <login>, <process>, <dname>, <domainimpacted>, <parentprocessname>, <subject>, <reason> |
|
UserMgmtReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <subject>, <account>, <domainorigin>, <login>, <reason>, <process>, <sname> |
|
GroupMgmtReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <subject>, <reason>, <process>, <sname> |
|
DNSAuditReports Log Messages |
N/A |
<severity>, <object>, <objectname>, <status>, <login>, <reason>, <dname>, <domainimpacted>, <subject>, <sname> |
|
AzureADLogonReports Log Messages |
N/A |
<severity>, <object>, <session>, <sip>, <status>, <vendorinfo>, <objectname>, <responsecode>, <reason>, <login>, <domainimpacted>, <subject>, <sname> |
Revision History
|
KB Version |
Log Type |
Change Type |
Details |
|---|---|---|---|
|
KB 7.1.721.0 |
Syslog - ManageEngine ADAudit Plus |
New Device Documentation |
N/A |