Skip to main content
Skip table of contents

Syslog - Pulse Secure

Device Details

Device Name

Pulse Secure

Vendor

Ivanti

Device Type

Pulse Secure

Supported Model Name/Number

N/A

Supported Software Version(s)

N/A

Collection Method

Syslog

Configurable Log Output

No

Log Source Type

Syslog - Pulse Secure

Log Processing Policy

LogRhythm Default v2.0

Exceptions

N/A

Additional Information

https://help.ivanti.com//ps/help/en_US/ICS/22.x/22.7R2/ag/logging_n_monitoring.htm#logging_and_monitoring_1494202195_1024450

Supported Log Messages

(List of LR Tags used to parse the log information for each message type)

Type

Product Version

Supported Schema Fields

Certificate/License Operational Messages

N/A

<group>, <login>, <object>, <severity>, <sip>, <tag1>, <vmid>

Misc Messages

N/A

<command>, <group>, <login>, <object>, <responsecode>, <session>, <severity>, <sip>, <smac>, <subject>, <tag1>, <vmid>

Policy Operational Messages

N/A

<group>, <login>, <policy>, <severity>, <sip>, <tag1>, <tag2>, <vmid>

Role/Group Operational Messages

N/A

<severity>, <sip>, <login>, <group>, <vmid>, <tag1>, <tag2>

User Authentication And Session Message

N/A

<group>, <login>, <reason>, <session>, <severity>, <sip>, <tag1>, <tag2>, <useragent>, <vmid>

Radius Authentication Logs

N/A

<severity>, <sname>, <group>, <status>, <tag1>, <domainorigin>, <login>, <snatip>

Access : Agent Authentication Succeeded

N/A

<severity>, <sname>, <group>, <domainorigin>, <login>, <session>, <sip>, <smac>

Admin: Host Policy Passed

N/A

<severity>, <sname>, <group>, <policy>, <sip>, <domainorigin>, <login>

Admin: Agent Session Bridge

N/A

<severity>, <sname>, <group>, <domainorigin>, <login>, <smac>

Admin: Scan Failed

N/A

<severity>, <sname>, <group>, <action>, <object>, <dmac>

Access: Session Deletion Message

N/A

<severity>, <sname>, <group>, <dname>, <dmac>, <result>, <responsecode>, <reason>

Access: RADIUS Invalid Message Authenticator

N/A

<severity>, <sname>, <group>, <action>, <dip>

Admin: TLS Handshake

N/A

<severity>, <sname>, <group>, <action>, <result>, <reason>

Access: Enforcer Message

N/A

<severity>, <sname>, <group>, <sip>, <serialnumber>

Access: Active Directory Authentication Server

N/A

<severity>, <sname>, <group>, <status>, <subject> ,<reason>, <result>

SSL Negotiation Failed Messages

N/A

<severity>, <sname>, <sip>, <dip>, <reason>, <subject>

Login Failed Messages

N/A

<severity>, <sname>, <sip>, <subject>

Login Rejected Messages

N/A

<severity>, <sname>, <sip>, <login>, <group>, <subject>

Virtual Appliance Messages

N/A

<severity>, <sname>, <sip>, <subject>

Revision History

KB Version

Log Type

Change Type

Details

KB 7.1.614.0

Syslog - Pulse Secure

New Log Source Type

New Device support for Syslog - Pulse Secure

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.