V 2.0 GlobalProtect Status Messages 1

Vendor Documentation

https://www.paloaltonetworks.com/documentation

Classification

Rule Name	Rule Type	Common Event	Classification
V 2.0 GlobalProtect Status Messages	Base Rule	General Authentication Event	Other Audit
V 2.0 Remote Authentication Success	Sub Rule	User Logon	Authentication Success
V 2.0 Remote Authentication Failure	Sub Rule	User Logon Failure	Authentication Failure

Mapping with LogRhythm Schema

Device Key in Log Message	LogRhythm Schema	Data Type
N/A	<vmid>	Text/String
N/A	<subject>	Text/String
N/A	<status>	Text/String
N/A	<tag1>	Text/String
N/A	<domainorigin>	Text/String
N/A	<login>	Text/String
N/A	<sname>	Text/String
N/A	<sip>	IP
N/A	<snatip>	IP
N/A	<serialnumber>	Text/String
N/A	<version>	Number
N/A	<quantity>	Number
N/A	<reason>	Text/String
N/A	<responsecode>	Number
N/A	<vendorinfo>	Text/String
N/A	<result>	Text/String
N/A	<tag2>	Text/String
N/A	<seconds>	Number

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.