Device Details
|
Device Name |
Pulse Secure |
|---|---|
|
Vendor |
Ivanti |
|
Device Type |
Pulse Secure |
|
Supported Model Name/Number |
N/A |
|
Supported Software Version(s) |
N/A |
|
Collection Method |
Syslog |
|
Configurable Log Output |
No |
|
Log Source Type |
Syslog - Pulse Secure |
|
Log Processing Policy |
LogRhythm Default v2.0 |
|
Exceptions |
N/A |
|
Additional Information |
Supported Log Messages
(List of LR Tags used to parse the log information for each message type)
|
Type |
Product Version |
Supported Schema Fields |
|---|---|---|
|
Certificate/License Operational Messages |
N/A |
<group>, <login>, <object>, <severity>, <sip>, <tag1>, <vmid> |
|
Misc Messages |
N/A |
<command>, <group>, <login>, <object>, <responsecode>, <session>, <severity>, <sip>, <smac>, <subject>, <tag1>, <vmid> |
|
Policy Operational Messages |
N/A |
<group>, <login>, <policy>, <severity>, <sip>, <tag1>, <tag2>, <vmid> |
|
Role/Group Operational Messages |
N/A |
<severity>, <sip>, <login>, <group>, <vmid>, <tag1>, <tag2> |
|
User Authentication And Session Message |
N/A |
<group>, <login>, <reason>, <session>, <severity>, <sip>, <tag1>, <tag2>, <useragent>, <vmid> |
|
Radius Authentication Logs |
N/A |
<severity>, <sname>, <group>, <status>, <tag1>, <domainorigin>, <login>, <snatip> |
|
Access : Agent Authentication Succeeded |
N/A |
<severity>, <sname>, <group>, <domainorigin>, <login>, <session>, <sip>, <smac> |
|
Admin: Host Policy Passed |
N/A |
<severity>, <sname>, <group>, <policy>, <sip>, <domainorigin>, <login> |
|
Admin: Agent Session Bridge |
N/A |
<severity>, <sname>, <group>, <domainorigin>, <login>, <smac> |
|
Admin: Scan Failed |
N/A |
<severity>, <sname>, <group>, <action>, <object>, <dmac> |
|
Access: Session Deletion Message |
N/A |
<severity>, <sname>, <group>, <dname>, <dmac>, <result>, <responsecode>, <reason> |
|
Access: RADIUS Invalid Message Authenticator |
N/A |
<severity>, <sname>, <group>, <action>, <dip> |
|
Admin: TLS Handshake |
N/A |
<severity>, <sname>, <group>, <action>, <result>, <reason> |
|
Access: Enforcer Message |
N/A |
<severity>, <sname>, <group>, <sip>, <serialnumber> |
|
Access: Active Directory Authentication Server |
N/A |
<severity>, <sname>, <group>, <status>, <subject> ,<reason>, <result> |
|
SSL Negotiation Failed Messages |
N/A |
<severity>, <sname>, <sip>, <dip>, <reason>, <subject> |
|
Login Failed Messages |
N/A |
<severity>, <sname>, <sip>, <subject> |
|
Login Rejected Messages |
N/A |
<severity>, <sname>, <sip>, <login>, <group>, <subject> |
|
Virtual Appliance Messages |
N/A |
<severity>, <sname>, <sip>, <subject> |
Revision History
|
KB Version |
Log Type |
Change Type |
Details |
|---|---|---|---|
|
KB 7.1.614.0 |
Syslog - Pulse Secure |
New Log Source Type |
New Device support for Syslog - Pulse Secure |