Device Details
|
Vendor |
Secure Link |
|---|---|
|
Device Type |
Remote Support Module |
|
Supported Model Name/Number |
N/A |
|
Supported Software Version(s) |
N/A |
|
Collection Method |
Syslog |
|
Configurable Log Output? |
Yes |
|
Log Source Type |
Syslog - SecureLink |
|
Log Processing Policy |
LogRhythm Default |
|
Exceptions |
N/A |
|
Additional Information |
https://d22mewif9la5tw.cloudfront.net/wp-content/uploads/2019/03/SLINK_Overview_V2.pdf |
Currently Supported Log Types
|
Type |
ProductVersion |
Supported Schema Fields
|
|---|---|---|
|
Remote Access Information |
All |
<severity>, <login>, <domainorigin>, <object>, <vendorinfo>, <sip> |
|
Audit Vendor Information |
All |
<severity>, <user>, <login>, <domainorigin>, <vendorinfo>, <objectname>, <objecttype>, <dport>, <dip>, <dname> |
|
Catch All |
All |
<severity> |
Parsed Metadata Fields
|
Product Field Name |
LogRhythm Metadata Field |
Value/Data Type |
|---|---|---|
|
Accessed Service |
<objectname> |
String |
|
Application |
<objecttype> |
String |
|
Method |
<object> |
Connected Application |
|
N/A |
<sip> |
Origin Ip |
|
N/A |
<dip>/<dname> |
Destination IP |
|
Port |
<dport> |
Port No./Numeric |
|
USER |
<severity> |
Severity |
|
User |
<login/<domainorigin> |
Login and Domain |
|
Vendor Rep |
<vendorinfo> |
String |