Syslog - SecureLink
Device Details
Vendor | Secure Link |
|---|---|
Device Type | Remote Support Module |
Supported Model Name/Number | N/A |
Supported Software Version(s) | N/A |
Collection Method | Syslog |
Configurable Log Output? | Yes |
Log Source Type | Syslog - SecureLink |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information | https://d22mewif9la5tw.cloudfront.net/wp-content/uploads/2019/03/SLINK_Overview_V2.pdf |
Currently Supported Log Types
Type | ProductVersion | Supported Schema Fields |
|---|---|---|
Remote Access Information | All | <severity>, <login>, <domainorigin>, <object>, <vendorinfo>, <sip> |
Audit Vendor Information | All | <severity>, <user>, <login>, <domainorigin>, <vendorinfo>, <objectname>, <objecttype>, <dport>, <dip>, <dname> |
Catch All | All | <severity> |
Parsed Metadata Fields
Product Field Name | LogRhythm Metadata Field | Value/Data Type |
|---|---|---|
Accessed Service | <objectname> | String |
Application | <objecttype> | String |
Method | <object> | Connected Application |
N/A | <sip> | Origin Ip |
N/A | <dip>/<dname> | Destination IP |
Port | <dport> | Port No./Numeric |
USER | <severity> | Severity |
User | <login/<domainorigin> | Login and Domain |
Vendor Rep | <vendorinfo> | String |