Syslog - ManageEngine ADAudit Plus
Device Details
Device Name | ADAudit Plus |
Vendor | Manage Engine |
Device Type | Security |
Supported Model Name/Number | N/A |
Supported Software Version | N/A |
Collection Method | Syslog |
Configurable Log Output | N/A |
Log Source Type | Syslog - ManageEngine ADAudit Plus |
Log Processing Policy | LogRhythm Default V 2.0 |
Exceptions | N/A |
Additional Information |
Supported Log Messages
(List of LR tags used to parse the log information for each message type)
Type | Product Version | Supported Schema Fields |
|---|---|---|
ADAPAlerts Log Messages | N/A | <severity>, <object>, <group>, <objectname>, <subject>, <login>, <domainorigin> |
ADAPTechnician Log Messages | N/A | <severity>, <object>, <login>, <dip>, <dname>, <action>, <domainorigin>, <subject> |
ADFSReports Log Messages | N/A | <severity>, <object>, <objectname>, <account>, <dname>, <status>, <domainorigin>, <login>, <session>, <reason>, <process>, <sport>, <subject>, <responsecode>, <objecttype>, <protname>, <sname> |
ADObjectsAuditReports Log Messages | N/A | <severity>, <object>, <objectname>, <status>, <login>, <reason>, <dname>, <domainimpacted>, <subject> |
Catch-All | N/A | <tag1>, <severity> |
ComputerMgmtReports Log Messages | N/A | <severity>, <object>, <objectname>, <subject>, <dname>, <domainimpacted>, <login>, <reason> |
FileAuditReports Log Messages | N/A | <severity>, <object>, <objectname>, <status>, <login>, <reason>, <parentprocessname>, <parentprocesspath>, <domainorigin>, <process>, <dname>, <dip>, <account>, <session>, <subject> |
FIMAuditReports Log Messages | N/A | <severity>, <object>, <objectname>, <status>, <login>, <reason>, <parentprocessname>, <parentprocesspath>, <domainorigin>, <process>, <account>, <session>, <subject> |
LocalLogonLogoffReports Log Messages | N/A | <severity>, <object>, <objectname>, <account>, <dip>, <dname>, <status>, <domainorigin>, <login>, <session>, <reason>, <sport>, <subject> |
LogonReports Log Messages | N/A | <severity>, <object>, <objectname>, <account>, <dip>, <dname>, <status>, <domainorigin>, <login>, <session>, <responsecode>, <objecttype>, <reason> |
ServerAuditReports Log Messages | N/A | <severity>, <object>, <objectname>, <status>, <login>, <process>, <dname>, <domainimpacted>, <parentprocessname>, <subject>, <reason> |
UserMgmtReports Log Messages | N/A | <severity>, <object>, <objectname>, <subject>, <account>, <domainorigin>, <login>, <reason>, <process>, <sname> |
GroupMgmtReports Log Messages | N/A | <severity>, <object>, <objectname>, <subject>, <reason>, <process>, <sname> |
DNSAuditReports Log Messages | N/A | <severity>, <object>, <objectname>, <status>, <login>, <reason>, <dname>, <domainimpacted>, <subject>, <sname> |
AzureADLogonReports Log Messages | N/A | <severity>, <object>, <session>, <sip>, <status>, <vendorinfo>, <objectname>, <responsecode>, <reason>, <login>, <domainimpacted>, <subject>, <sname> |
Revision History
KB Version | Log Type | Change Type | Details |
|---|---|---|---|
KB 7.1.721.0 | Syslog - ManageEngine ADAudit Plus | New Device Documentation | N/A |