Skip to main content
Skip table of contents

V 2.0 : AnyConnect VPN Session Event

Vendor Documentation

https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Syslog_Event_Types_and_Log_Samples

Classification

Rule Name

Rule Type

Classification

Common Event

V 2.0: AnyConnect VPN Session Event

Base Rule

Information

VPN Session Information

V 2.0: Session Connected Messages

Sub Rule

Network Traffic

Session Connected

V 2.0: Session Disconnected Messages

Sub Rule

Network Traffic

Disconnect Session

Mapping with LogRhythm Schema

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

N/A

N/A

N/A

Flow start time.

N/A

N/A

N/A

Flow stop time.

N/A

<object>

Text/String

Device name.

type

<vendorinfo>

Text/String

Event Type

N/A

<action>

Text/String

N/A

Msg

<session>

Number

N/A

<sip>

IP address

N/A

<login>

Text/String

N/A

<status>, <tag1>

Text/String

N/A

<protname>

Text/String

N/A

<days>

Number

N/A

<hours>

Number

N/A

<minutes>

Number

N/A

<seconds>

Number

N/A

<bytesout>

Number

N/A

<bytesin>

Number

N/A

<reason>

Text/String

N/A

<dip>

IP address

N/A

<subject>

Text/String

N/A

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close