Device Details
|
Vendor |
Ubiquiti |
|---|---|
|
Device Type |
Enterprise Gateway |
|
Supported Model Name/Number |
Ubiquiti UniFi Security Gateway |
|
Supported Software Version(s) |
All |
|
Collection Method |
Syslog |
|
Configurable Log Output? |
Yes |
|
Log Source Type |
Syslog - Ubiquiti UniFi Security Gateway |
|
Log Processing Policy |
LogRhythm Default |
|
Exceptions |
N/A |
|
Additional Information |
Prerequisites
-
UniFi Controller Software
Device Configuration Checklist
-
The device is connected and powered on.
-
The Ubiquiti UniFi Controller software is installed.
-
The device is adopted from the UniFi Controller dashboard.
Currently Supported Log Types
|
Type |
Product Version |
Supported Schema Fields
|
|---|---|---|
|
Syslog Messages |
All |
<severity>, <parentprocessname>, <sname>, <object>, <vendorinfo> |
|
Workload Messages |
All |
<severity>, <parentprocessname>, <sname>, <vendorinfo>, <duration> |
|
Host Messages |
All |
<severity>, <parentprocessname>, <sname>, <object>, <reason>, <url> |
|
Network Traffic Log |
All |
<severity>, <parentprocessname>, <sname>, <object>, <dinterface>, <sinterface>, <smac>, <sip>, <dip>, <size>, <duration>, <protname>, <sport>, <dport> |
Parsed Metadata Fields
|
Product Field Name |
LogRhythm Metadata Field |
Value/Data Type |
|---|---|---|
|
DPT |
<dport> |
Numeric |
|
DST |
<dip> |
IP Address |
|
IN |
<dinterface> |
Text |
|
LEN |
<size> |
Numeric |
|
MAC |
<smac> |
Mac Address |
|
OUT |
<sinterface> |
Text |
|
PROTO |
<protname> |
Text |
|
SPT |
<sport> |
Numeric |
|
SRC |
<sip> |
IP Address |
|
TTL |
<duration> |
Numeric |